9 matches found
EUVD-2025-31394
Malicious code in bioql PyPI...
CVE-2025-59934
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs jwt.decode without verifying their signatures. Both the email verification token login path...
CVE-2025-59934
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs jwt.decode without verifying their signatures. Both the email verification token login path...
CVE-2025-59934 Formbricks missing JWT signature verification
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs jwt.decode without verifying their signatures. Both the email verification token login path...
CVE-2025-59934
Formbricks (pre-4.0.1) is affected by missing JWT signature verification. A token validation path uses jwt.decode without signature checks, allowing an attacker who knows a user’s user.id to craft a JWT with alg: none and authenticate or reset the victim’s password. The same validator is used for...
CVE-2025-59934 Formbricks missing JWT signature verification
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs jwt.decode without verifying their signatures. Both the email verification token login path...
CVE-2025-59934 Formbricks missing JWT signature verification
Formbricks is an open source qualtrics alternative. Prior to version 4.0.1, Formbricks is missing JWT signature verification. This vulnerability stems from a token validation routine that only decodes JWTs jwt.decode without verifying their signatures. Both the email verification token login path...
PT-2025-39695
Name of the Vulnerable Software and Affected Versions Formbricks versions prior to 4.0.1 Description Formbricks, an open source qualtrics alternative, is affected by a missing JWT signature verification issue. The token validation routine only decodes JWTs without verifying their signatures,...
formbricks 数据伪造问题漏洞
formbricks is an open source survey system from Formbricks. A data forgery issue vulnerability exists in versions prior to formbricks 4.0.1 that stems from a lack of JWT signature validation, which could lead to arbitrary JWT forgery and password resets...