CVE-2024-52271

EUVD-2024-46112
User Interface (UI) Misrepresentation of Critical Information vulnerability in Documenso allows Content Spoofing.Displayed version does not show the layer flattened version, once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.


This issue affects Documenso: through 1.8.0, >1.8.0 and Documenso SaaS (Hosted) as of 2024-12-05.
UI
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
documensodocumenso
𝑥
≤ 1.8.0
ADP
documensodocumenso
𝑥
≤ 2024-12-05
ADP
Common Weakness Enumeration
References
https://github.com/documenso/documenso
https://github.com/documenso/documenso/issues/1512
https://www.documenso.com/
https://www.vulsec.org/advisories