CVE-2026-23891 | Decidim up to 0.30.4/0.31.0 Name cross site scripting (GHSA-fc46-r95f-hq7g)

Inserito da Angelo Barbosa | Apr 13, 2026 | CVE

A vulnerability classified as problematic was found in Decidim up to 0.30.4/0.31.0. This issue affects some unknown processing. Executing a manipulation of the argument Name can lead to cross site scripting.

This vulnerability is handled as CVE-2026-23891. The attack can be executed remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-23891 | Decidim up to 0.30.4/0.31.0 Name cross site scripting (GHSA-fc46-r95f-hq7g)

Post correlati

CVE-2024-7927 | ZZCMS 2023 class.php skin[] path traversal

CVE-2023-6900 | rmountjoy92 DashMachine 0.5-4 /settings/delete_file path traversal

CVE-2023-52845 | Linux Kernel up to 6.6.1 tipc lib/string.c strstr buffer overflow

CVE-2021-47212 | Linux Kernel up to 5.15.4 mlx5 state issue (a51a6da375d8/ba50cd9451f6)