Product
An authentication bypass vulnerability in Decidim allows any registered user to accept or reject amendments, potentially granting them co-author status on affected proposals; versions 0.19.0 through 0.30.5 and 0.31.0.rc1 through 0.31.1 are affected.