The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Cross-site Scripting (XSS) vulnerabilities in an interactive lesson.
Start learningUpgrade decidim-core
to version 0.27.5 or higher.
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the dynamic file upload feature. An attacker can modify the file names of the records being uploaded to the server, which could lead to the execution of malicious scripts. This vulnerability is present in sections where the user controls the file upload dialogs and has the technical capability to alter the file names through the dynamic upload endpoint. To exploit this vulnerability, the attacker would need to control the session of a particular user, successfully upload a file blob with a malicious file name to the server, and then direct another user to the edit page of the record where the file is attached. Users can craft direct upload requests, controlling the file name stored in the database. The attacker can change the filename, for example, to <svg onload=alert('XSS')>
, if they know how to craft these requests. They can then enter the returned blob ID into the form inputs manually by modifying the edit page source.
This vulnerability can be mitigated by disabling dynamic uploads for the instance, e.g., from proposals.