Today > | 10 High | 17 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-52271

Dec. 5, 2024, 5:15 p.m.

Tags

CWE-451
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
2024-12-05
CVE-2024-52271

Product(s) Impacted

Documenso

  • through 1.8.0
  • >1.8.0
  • Documenso SaaS (Hosted)

Description

User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects Documenso: through 1.8.0, >1.8.0 and Documenso SaaS (Hosted) as of 2024-12-05.

Weaknesses

CWE-451
User Interface (UI) Misrepresentation of Critical Information

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

CWE ID: 451

Date

Published: Dec. 5, 2024, 2:15 p.m.

Last Modified: Dec. 5, 2024, 5:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe

References

https://github.com/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://github.com/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://www.documenso.com/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://www.vulsec.org/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe