CVE-2024-27291

CVSS V2 None CVSS V3 None
Description
Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.
Overview
  • CVE ID
  • CVE-2024-27291
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-02-29T21:49:26.633Z
  • Last Modified Date
  • 2024-02-29T21:49:26.633Z
Weakness Enumerations
CWE URL
CWE-601 http://cwe.mitre.org/data/definitions/601.html
References
Reference URL Reference Tags
https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr x_refsource_CONFIRM
https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa x_refsource_MISC
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2024-27291
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-27291
History
Created Old Value New Value Data Type Notes
2024-06-26 01:30:00 Added to TrackCVE