16 matches found
CVE-2025-23041
Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade...
EUVD-2025-0070
Malicious code in bioql PyPI...
CVE-2022-4171
The demon image annotation plugin for WordPress is vulnerable to improper input validation in versions up to, and including, 5.0. This is due to the plugin improperly validating the number of characters supplied during an annotation despite there being a setting to limit the number of characters inpu...
Insufficient Input Validation
Umbraco.Forms is vulnerable to insufficient input validation. The vulnerability is due to lack of server-side validation for the character limits. While the client-side validation enforces these limits in the browser, it can be bypassed by manipulating the request before it reaches the server...
Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
Impact: Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. Patches: Patched in 8.13.16, 10.5.7, 13.2.2, 14.1.2...
Improper Input Validation
Overview: Umbraco.Forms is a form creator that's as easy to use. Affected versions of this package are vulnerable to Improper Input Validation due to the lack of server-side validation for character limits in short and long answer fields. An attacker can bypass client-side validations and submi...
GHSA-9V8M-QV22-F268 Umbraco Forms's Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length
Impact: Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. Patches: Patched in 8.13.16, 10.5.7, 13.2.2, 14.1.2...
CVE-2025-23041 Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms
Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade...
CVE-2025-23041 Short and Long Answer Fields Are Not Validated Server-Side For Maximum Length in Umbraco.Forms
Umbraco.Forms is a web form framework written for the nuget ecosystem. Character limits configured by editors for short and long answer fields are validated only client-side, not server-side. This issue has been patched in versions 8.13.16, 10.5.7, 13.2.2, and 14.1.2. Users are advised to upgrade...
Umbraco Forms Input Validation Error Vulnerability
Umbraco Forms is a form builder. An input validation error vulnerability exists in Umbraco Forms that stems from a short and long answer field character restriction for client-side validation only, which could lead to a data injection attack...
CVE-2024-37992
A vulnerability has been identified in SIMATIC Reader RF610R CMIIT 6GT2811-6BC10-2AA0 All versions V4.2, SIMATIC Reader RF610R ETSI 6GT2811-6BC10-0AA0 All versions V4.2, SIMATIC Reader RF610R FCC 6GT2811-6BC10-1AA0 All versions V4.2, SIMATIC Reader RF615R CMIIT 6GT2811-6CC10-2AA0 All versions V4....
PT-2024-7408 · Siemens · Simatic Reader Rf615R +11
Name of the Vulnerable Software and Affected Versions: SIMATIC Reader RF610R CMIIT versions prior to V4.2; SIMATIC Reader RF610R ETSI versions prior to V4.2; SIMATIC Reader RF610R FCC versions prior to V4.2; SIMATIC Reader RF615R CMIIT versions prior to V4.2; SIMATIC Reader RF615R ETSI versions prior...
Mattermost Resource Management Error Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a denial of service vulnerability that stems from an inability to properly limit the characters allowed in different fields of a block in Mattermost Boards, which can be exploit...
CVE-2023-5196
Mattermost fails to enforce character limits in all possible notification props, allowing an attacker to send a really long value for a notification prop, resulting in the server consuming an abnormal quantity of computing resources and possibly becoming temporarily unavailable for its users...
PT-2023-31904 · Unknown · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: Mattermost fails to enforce character limits in all possible notification props, allowing an attacker to send a really long value for a notification prop, resulting in the server consumi...
PT-2022-26039 · WordPress · Demon Image Annotation Plugin
Name of the Vulnerable Software and Affected Versions: demon image annotation plugin for WordPress versions up to, and including 5.0 Description: The issue arises from improper input validation in the plugin, specifically when handling the number of characters supplied during an annotation. Despi...