Vulnerability-Lookup

CVE-2024-27291 (GCVE-0-2024-27291)

Vulnerability from cvelistv5 – Published: 2024-02-29 21:49 – Updated: 2024-08-05 17:12

Title

Docassemble open redirect

Summary

Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.

Severity ?

6.1 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/jhpyle/docassemble/security/ad…	x_refsource_CONFIRM
	https://github.com/jhpyle/docassemble/commit/4801…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	jhpyle	docassemble	Affected: < 1.4.97

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:27:59.899Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
          },
          {
            "name": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27291",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-05T17:12:03.385073Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:12:17.718Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "docassemble",
          "vendor": "jhpyle",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.4.97"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-601",
              "description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-29T21:49:26.633Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
        },
        {
          "name": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
        }
      ],
      "source": {
        "advisory": "GHSA-7wxf-r2qv-9xwr",
        "discovery": "UNKNOWN"
      },
      "title": "Docassemble open redirect"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-27291",
    "datePublished": "2024-02-29T21:49:26.633Z",
    "dateReserved": "2024-02-22T18:08:38.874Z",
    "dateUpdated": "2024-08-05T17:12:17.718Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-27291\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2024-03-21T02:52:19.343\",\"lastModified\":\"2025-09-02T13:39:33.873\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.\"},{\"lang\":\"es\",\"value\":\"Docassemble es un sistema experto para entrevistas guiadas y montaje de documentos. Antes de la versi\u00f3n 1.4.97, era posible crear una URL que actuara como redireccionamiento abierto. La vulnerabilidad ha sido parcheada en la versi\u00f3n 1.4.97 de la rama maestra.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-601\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jhpyle:docassemble:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.4.97\",\"matchCriteriaId\":\"827A1F6D-7A85-483C-826A-51BF77A12047\"}]}]}],\"references\":[{\"url\":\"https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr\", \"name\": \"https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa\", \"name\": \"https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:27:59.899Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27291\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-05T17:12:03.385073Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-05T17:12:12.818Z\"}}], \"cna\": {\"title\": \"Docassemble open redirect\", \"source\": {\"advisory\": \"GHSA-7wxf-r2qv-9xwr\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"jhpyle\", \"product\": \"docassemble\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.4.97\"}]}], \"references\": [{\"url\": \"https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr\", \"name\": \"https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa\", \"name\": \"https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-601\", \"description\": \"CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-02-29T21:49:26.633Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-27291\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-05T17:12:17.718Z\", \"dateReserved\": \"2024-02-22T18:08:38.874Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-02-29T21:49:26.633Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2024-27291

Vulnerability from fkie_nvd - Published: 2024-03-21 02:52 - Updated: 2025-09-02 13:39

Severity ?

6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa	Patch
security-advisories@github.com	https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa	Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr	Patch, Third Party Advisory

Impacted products

	Vendor	Product	Version
	jhpyle	docassemble	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jhpyle:docassemble:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "827A1F6D-7A85-483C-826A-51BF77A12047",
              "versionEndExcluding": "1.4.97",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch."
    },
    {
      "lang": "es",
      "value": "Docassemble es un sistema experto para entrevistas guiadas y montaje de documentos. Antes de la versi\u00f3n 1.4.97, era posible crear una URL que actuara como redireccionamiento abierto. La vulnerabilidad ha sido parcheada en la versi\u00f3n 1.4.97 de la rama maestra."
    }
  ],
  "id": "CVE-2024-27291",
  "lastModified": "2025-09-02T13:39:33.873",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-21T02:52:19.343",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-601"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

GSD-2024-27291

Vulnerability from gsd - Updated: 2024-02-23 06:03

Details

Aliases

CVE-2024-27291

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-27291"
      ],
      "details": "Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch.",
      "id": "GSD-2024-27291",
      "modified": "2024-02-23T06:03:43.506108Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2024-27291",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "docassemble",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c 1.4.97"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "jhpyle"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-601",
                "lang": "eng",
                "value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr",
            "refsource": "MISC",
            "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
          },
          {
            "name": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa",
            "refsource": "MISC",
            "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-7wxf-r2qv-9xwr",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Docassemble is an expert system for guided interviews and document assembly. Prior to 1.4.97, it is possible to create a URL that acts as an open redirect. The vulnerability has been patched in version 1.4.97 of the master branch."
          },
          {
            "lang": "es",
            "value": "Docassemble es un sistema experto para entrevistas guiadas y montaje de documentos. Antes de la versi\u00f3n 1.4.97, era posible crear una URL que actuara como redireccionamiento abierto. La vulnerabilidad ha sido parcheada en la versi\u00f3n 1.4.97 de la rama maestra."
          }
        ],
        "id": "CVE-2024-27291",
        "lastModified": "2024-03-21T12:58:51.093",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "exploitabilityScore": 2.8,
              "impactScore": 2.7,
              "source": "security-advisories@github.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-03-21T02:52:19.343",
        "references": [
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
          },
          {
            "source": "security-advisories@github.com",
            "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
          }
        ],
        "sourceIdentifier": "security-advisories@github.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-601"
              }
            ],
            "source": "security-advisories@github.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

GHSA-7WXF-R2QV-9XWR

Vulnerability from github – Published: 2024-02-29 22:14 – Updated: 2024-03-21 18:25

Summary

Docassemble open redirect

Details

Impact

It is possible to create a URL that acts as an open redirect.

Patches

The vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched.

Workarounds

If upgrading is not possible, manually apply the changes of 4801ac7 and restart the server (e.g., by pressing Save on the Configuration screen).

Credit

The vulnerability was discovered by Riyush Ghimire (@richighimi).

For more information

If you have any questions or comments about this advisory:

Open an issue in docassemble
Join the Slack channel
Email us at jhpyle@gmail.com

Severity ?

6.1 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "docassemble.webapp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.4.97"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2024-27291"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-601"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2024-02-29T22:14:47Z",
    "nvd_published_at": "2024-03-21T02:52:19Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\nIt is possible to create a URL that acts as an open redirect.\n\n### Patches\nThe vulnerability has been patched in version 1.4.97 of the master branch. The Docker image on docker.io has been patched.\n\n### Workarounds\nIf upgrading is not possible, manually apply the changes of [4801ac7](https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa) and restart the server (e.g., by pressing Save on the Configuration screen).\n\n### Credit\n\nThe vulnerability was discovered by Riyush Ghimire (@richighimi).\n\n### For more information\nIf you have any questions or comments about this advisory:\n\n* Open an issue in [docassemble](https://github.com/jhpyle/docassemble/issues)\n* Join the [Slack channel](https://join.slack.com/t/docassemble/shared_invite/zt-2cspzjo9j-YyE7SrLmi5muAvnPv~Bz~A)\n* Email us at jhpyle@gmail.com",
  "id": "GHSA-7wxf-r2qv-9xwr",
  "modified": "2024-03-21T18:25:19Z",
  "published": "2024-02-29T22:14:47Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27291"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/jhpyle/docassemble"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Docassemble open redirect"
}

CNVD-2025-09226

Vulnerability from cnvd - Published: 2025-05-08

Title

Docassemble开放重定向漏洞

Description

Docassemble是一个免费的开源专家系统，用于指导访谈和文档组装。 Docassemble 1.4.97之前版本存在开放重定向漏洞，该漏洞源于系统未对目标跳转做合理处理，攻击者可利用该漏洞将用户重定向的恶意网站从事钓鱼等攻击。

Severity

中

Patch Name

Docassemble开放重定向漏洞的补丁

Patch Description

Docassemble是一个免费的开源专家系统，用于指导访谈和文档组装。 Docassemble 1.4.97之前版本存在开放重定向漏洞，该漏洞源于系统未对目标跳转做合理处理，攻击者可利用该漏洞将用户重定向的恶意网站从事钓鱼等攻击。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa

Reference

https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr

Impacted products

Name
Jonathan Pyle Docassemble <1.4.97

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-27291",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-27291"
    }
  },
  "description": "Docassemble\u662f\u4e00\u4e2a\u514d\u8d39\u7684\u5f00\u6e90\u4e13\u5bb6\u7cfb\u7edf\uff0c\u7528\u4e8e\u6307\u5bfc\u8bbf\u8c08\u548c\u6587\u6863\u7ec4\u88c5\u3002\n\nDocassemble 1.4.97\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7cfb\u7edf\u672a\u5bf9\u76ee\u6807\u8df3\u8f6c\u505a\u5408\u7406\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u7684\u6076\u610f\u7f51\u7ad9\u4ece\u4e8b\u9493\u9c7c\u7b49\u653b\u51fb\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-09226",
  "openTime": "2025-05-08",
  "patchDescription": "Docassemble\u662f\u4e00\u4e2a\u514d\u8d39\u7684\u5f00\u6e90\u4e13\u5bb6\u7cfb\u7edf\uff0c\u7528\u4e8e\u6307\u5bfc\u8bbf\u8c08\u548c\u6587\u6863\u7ec4\u88c5\u3002\r\n\r\nDocassemble 1.4.97\u4e4b\u524d\u7248\u672c\u5b58\u5728\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7cfb\u7edf\u672a\u5bf9\u76ee\u6807\u8df3\u8f6c\u505a\u5408\u7406\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u7528\u6237\u91cd\u5b9a\u5411\u7684\u6076\u610f\u7f51\u7ad9\u4ece\u4e8b\u9493\u9c7c\u7b49\u653b\u51fb\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Docassemble\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Jonathan Pyle Docassemble \u003c1.4.97"
  },
  "referenceLink": "https://github.com/jhpyle/docassemble/security/advisories/GHSA-7wxf-r2qv-9xwr",
  "serverity": "\u4e2d",
  "submitTime": "2024-03-26",
  "title": "Docassemble\u5f00\u653e\u91cd\u5b9a\u5411\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-27291 (GCVE-0-2024-27291)

FKIE_CVE-2024-27291

GSD-2024-27291

GHSA-7WXF-R2QV-9XWR

Impact

Patches

Workarounds

Credit

For more information

CNVD-2025-09226

Tags

Sightings

Nomenclature