User Interface Misrepresentation Vulnerability in Documenso
CVE-2024-52271

Currently unrated

Key Information:

Vendor

Documenso

Status
Documenso
Documenso Saas (hosted)
Vendor
CVE Published:
5 December 2024

What is CVE-2024-52271?

A critical user interface misrepresentation vulnerability exists in the Documenso Document Management Software, allowing for content spoofing. The flaw arises when a user views documents that do not correctly display layered information. Although the document may appear to present all data accurately within the application, once downloaded or printed (e.g., via Google Chrome), it fails to render all layers as intended. Only the vulnerability itself is displayed, falsely representing the document's content. This issue affects various versions of Documenso, emphasizing the need for immediate attention and remediation to ensure user data integrity and prevent potential exploitation.

Affected Version(s)

Documenso 0 <= 1.8.0

Documenso 0 <= 1.8.0

Documenso >1.8.0 > 1.8.0

References

https://www.vulsec.org/advisories
vdb-entry
https://github.com/documenso/documenso
product
https://www.documenso.com/
product

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Erez Kalman
.