Opnform
by Jhumanj
Source repositories
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-11438 | Med | 0.41 | 6.3 | 0.00 | Oct 8, 2025 | A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vulnerability affects unknown code of the file /custom-domains of the component API Endpoint. Such manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed… | ||
| CVE-2025-11436 | Med | 0.41 | 6.3 | 0.00 | Oct 8, 2025 | A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected by this issue is some unknown functionality of the file /answer. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. The patch is… | ||
| CVE-2025-11442 | Med | 0.28 | 4.3 | 0.00 | Oct 8, 2025 | A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the… | ||
| CVE-2025-11440 | Med | 0.28 | 4.3 | 0.00 | Oct 8, 2025 | A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This… | ||
| CVE-2025-11439 | Med | 0.28 | 4.3 | 0.00 | Oct 8, 2025 | A vulnerability was found in JhumanJ OpnForm up to 1.9.3. This issue affects some unknown processing of the file /show/integrations. Performing manipulation results in missing authorization. Remote exploitation of the attack is possible. The exploit has been made public and… | ||
| CVE-2025-11435 | Med | 0.28 | 4.3 | 0.00 | Oct 8, 2025 | A security vulnerability has been detected in JhumanJ OpnForm up to 1.9.3. Affected by this vulnerability is an unknown functionality of the file /show/submissions. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been… | ||
| CVE-2025-11443 | Low | 0.24 | 3.7 | 0.01 | Oct 8, 2025 | A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy. It is possible to initiate the attack… | ||
| CVE-2025-11441 | Low | 0.24 | 3.7 | 0.01 | Oct 8, 2025 | A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is… | ||
| CVE-2025-11437 | Low | 0.16 | 2.4 | 0.00 | Oct 8, 2025 | A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This… |
- risk 0.41cvss 6.3epss 0.00
A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vulnerability affects unknown code of the file /custom-domains of the component API Endpoint. Such manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed…
- risk 0.41cvss 6.3epss 0.00
A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected by this issue is some unknown functionality of the file /answer. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. The patch is…
- risk 0.28cvss 4.3epss 0.00
A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This…
- risk 0.28cvss 4.3epss 0.00
A vulnerability was found in JhumanJ OpnForm up to 1.9.3. This issue affects some unknown processing of the file /show/integrations. Performing manipulation results in missing authorization. Remote exploitation of the attack is possible. The exploit has been made public and…
- risk 0.28cvss 4.3epss 0.00
A security vulnerability has been detected in JhumanJ OpnForm up to 1.9.3. Affected by this vulnerability is an unknown functionality of the file /show/submissions. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been…
- risk 0.24cvss 3.7epss 0.01
A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy. It is possible to initiate the attack…
- risk 0.24cvss 3.7epss 0.01
A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is…
- risk 0.16cvss 2.4epss 0.00
A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This…