Formie: Pre-authenticated server-side template injection in Hidden fields

Impact - Unauthenticated users could submit crafted values into Hidden fields with Default value → Custom that were evaluated as Twig during submission handling, which could lead to serious compromise of the Craft site depending on template/sandbox behavior. - Sites with public Formie forms that...

GHSA-X7M9-MWC2-G6W2 Formie: Pre-authenticated server-side template injection in Hidden fields

Impact - Unauthenticated users could submit crafted values into Hidden fields with Default value → Custom that were evaluated as Twig during submission handling, which could lead to serious compromise of the Craft site depending on template/sandbox behavior. - Sites with public Formie forms that...

PT-2026-41792

Name of the Vulnerable Software and Affected Versions Formie versions prior to 2.2.20 Formie versions prior to 3.1.24 Description Unauthenticated users can submit crafted values into Hidden fields configured with a Custom default value. These values are evaluated as Twig during submission handlin...

CVE-2026-44719

Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...

CVE-2026-44719

Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and forms.list accept a databaseid without verifying that the requesting user was a collaborator on that...

CVE-2026-44719

Mathesar (Web app for PostgreSQL) fixed a privilege check vulnerability in versions 0.2.0–0.09.x. Endpoints such as collaborators.list, tables.metadata.list, explorations.list, and forms.list accepted a database_id without verifying that the requester was a collaborator, allowing an authenticated...

CVE-2026-2471

The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the BaseModel class constructor calling maybeunserialize on all properties retrieved...

BookStack Incorrect Access Control vulnerability

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms...

BookStack Security Breach

BookStack is a simple, self-hosted, easy-to-use platform from BookStack, Inc. for organizing and storing information. A security vulnerability exists in BookStack versions prior to v24.05.1 that stems from the presence of faulty access controls that allow an attacker to identify existing system...

PT-2024-27119 · Bookstack · Bookstack

Name of the Vulnerable Software and Affected Versions: BookStack versions prior to 24.05.1 Description: The issue is related to incorrect access control, allowing attackers to confirm existing system users and perform targeted notification email Denial of Service DoS via public-facing forms...