The meeting embeds feature used in the online or hybrid meetings is subject to potential XSS attack through a malformed URL.
Not available
Disable the creation of meetings by participants in the meeting component.
OWASP ASVS v4.0.3-5.1.3
This issue was discovered in a security audit organized by mitgestalten Partizipationsbüro against Decidim. The security audit was implemented by the Austrian Institute of Technology.
{ "nvd_published_at": "2024-11-13T17:15:10Z", "cwe_ids": [ "CWE-79" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-11-13T17:24:40Z" }