Today > | 2 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2024-52277

Dec. 5, 2024, 2:15 p.m.

Tags

CWE-451
2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
2024-12-04
CVE-2024-52277

Product(s) Impacted

DocuSeal

  • through 1.8.1
  • >1.8.1

Description

User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSeal allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened. This issue affects DocuSeal: through 1.8.1, >1.8.1.

Weaknesses

CWE-451
User Interface (UI) Misrepresentation of Critical Information

The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.

CWE ID: 451

Date

Published: Dec. 4, 2024, 11:30 a.m.

Last Modified: Dec. 5, 2024, 2:15 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe

References

https://docuseal.com/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://docuseal.eu/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://github.com/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe
https://www.vulsec.org/ 2fdefc65-d750-4b8d-96ee-6e2c0c42dbfe