CVE-2025-11442

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the component API Endpoint. The manipulation results in cross-site request forgery. The attack may be performed from remote. The exploit has been released to the public and may be...

CVE-2025-11441

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper restriction of excessive authentication attempts. The attack is possible to be carrie...

CVE-2025-11440 JhumanJ OpnForm edit access control

A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Executing manipulation can lead to improper access controls. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized. This patch is called...

CVE-2025-11437

A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the component Form Editor. This manipulation causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. This issue is currentl...

PT-2025-41239

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A weakness exists in JhumanJ OpnForm, potentially leading to information exposure. The issue stems from a discrepancy within the Forgotten Password Handler component, specifically related to the...

PT-2025-41234

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A flaw exists in the processing of the /show/integrations file within JhumanJ OpnForm. Manipulation of this file can lead to missing authorization checks, potentially allowing for remote...

PT-2025-41229

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A flaw exists in JhumanJ OpnForm up to version 1.9.3 related to an unrestricted upload issue stemming from manipulation of an unknown functionality within the /answer file. This manipulation...

PT-2025-41235

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions through 1.9.3 Description A flaw exists in JhumanJ OpnForm that could allow for improper access controls. The issue is related to manipulation of an unknown function within the /edit endpoint. The exploit has been...

PT-2025-41231

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A flaw exists in JhumanJ OpnForm up to version 1.9.3, specifically within the Form Editor component. This issue involves manipulation of the /api/open/forms/ file, leading to cross site scriptin...