Docassemble is an expert system for guided interviews and document assembly. The vulnerability allows attackers to gain unauthorized access to information on the system through URL manipulation. It affects versions 1.4.53 to 1.4.96. The vulnerability has been patched in version 1.4.97 of the master branch.
References
Configurations
No configuration.
History
21 Nov 2024, 09:04
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://github.com/jhpyle/docassemble/commit/97f77dc486a26a22ba804765bfd7058aabd600c9 - | |
References | () https://github.com/jhpyle/docassemble/security/advisories/GHSA-jq57-3w7p-vwvv - |
21 Mar 2024, 02:52
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-03-21 02:52
Updated : 2024-11-21 09:04
NVD link : CVE-2024-27292
Mitre link : CVE-2024-27292
CVE.ORG link : CVE-2024-27292
JSON object : View
Products Affected
No product.
CWE
CWE-706
Use of Incorrectly-Resolved Name or Reference