CVE-2024-52276
Severity CVSS v4.0:
HIGH
Type:
Unavailable / Other
Publication date:
04/12/2024
Last modified:
06/01/2025
Description
User Interface (UI) Misrepresentation of Critical Information vulnerability in DocuSign allows Content Spoofing.<br />
1. Displayed version does not show the layer flattened version, which is provided when the "Print" option is used.<br />
2. Displayed version does not show the layer flattened version, which is provided when the combined download option is used.<br />
3. Displayed version does not show the layer flattened version, which is also the provided version when downloading the result in the uncombined option.<br />
Once download, If printed (e.g. via Google Chrome -> Examine the print preview): Will render the vulnerability only, not all layers are flattened.<br />
This issue affects DocuSign: through 2024-12-04.
Impact
Base Score 4.0
8.20
Severity 4.0
HIGH
Base Score 3.x
7.50
Severity 3.x
HIGH