Decidim amendments can be accepted or rejected by anyone

Decidim is a participatory democracy framework. Starting in version 0.19.0 and prior to versions 0.30.5 and 0.31.1, a vulnerability allows any registered and authenticated user to accept or reject any amendments. The impact is on any users who have created proposals where the amendments feature is enabled. This also elevates the user accepting the amendment as the author of the original proposal as people amending proposals are provided coauthorship on the coauthorable resources. Versions 0.30.5 and 0.31.1 fix the issue. As a workaround, disable amendment reactions for the amendable component (e.g. proposals).

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

特权授予不正确

Decidim 安全漏洞

Decidim是Decidim开源的一个参与式民主框架，用 Ruby on Rails 编写。 Decidim 0.19.0版本至0.30.5和0.31.1之前版本存在安全漏洞，该漏洞源于允许任何注册且经过身份验证的用户接受或拒绝任何修订，可能导致用户权限提升。

N/A

N/A