CVE-2024-32034: Decidim::Admin vulnerable to cross-site scripting (XSS) in the admin activity log
The admin panel is subject to a potential XSS attack when an admin assigns a valuator to a proposal, or performs any other action that generates an admin activity log entry in which one of the resources contains a crafted XSS payload.
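The class of bug described above, as an added example that is not Decidim's code: a log renderer that interpolates a resource title into markup, next to a version that escapes every value at output. The template, entry structure and function names are hypothetical, and the sample entry is constructed.

```ruby
require "erb"

# Constructed sample: an admin activity log entry whose resource title was
# supplied by a participant. Names and structure are hypothetical.
LOG_TEMPLATE = "%{user} assigned valuator %{valuator} to proposal %{resource}"

ENTRY = {
  user: "Admin One",
  valuator: "Valuator Two",
  resource: { title: %q{Budget <img src=x onerror="alert(1)">}, path: "/proposals/42" }
}.freeze

# Before: values go into the markup as-is, so markup inside the title
# becomes part of the page an admin views.
def render_log_unsafe(entry)
  res = entry[:resource]
  link = %(<a href="#{res[:path]}">#{res[:title]}</a>)
  format(LOG_TEMPLATE, user: entry[:user], valuator: entry[:valuator], resource: link)
end

# After: every value is HTML-escaped at the point of output; only the
# markup written by the renderer itself is trusted.
def render_log_safe(entry)
  h = ERB::Util.method(:html_escape)
  res = entry[:resource]
  link = %(<a href="#{h.call(res[:path])}">#{h.call(res[:title])}</a>)
  format(LOG_TEMPLATE, user: h.call(entry[:user]), valuator: h.call(entry[:valuator]), resource: link)
end

# Regression check for a test suite: remove the single link the renderer is
# allowed to emit, then report whether any other angle bracket survived.
def stray_markup?(html)
  html.sub(/<a href="[^"<>]*">/, "").sub(%r{</a>}, "").match?(/[<>]/)
end

puts render_log_unsafe(ENTRY)
puts render_log_safe(ENTRY)
```
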
References