3 matches found
CVE-2022-31040 Open Redirect in open-forms
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a referer querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a...
CVE-2022-31040
CVE-2022-31040 affects Open Forms before versions 1.0.9 and 1.1.1, where the cookie consent page contains an open redirect via an injectable referer query parameter. The issue enables phishing redirects initiated by the Open Forms backend on a legitimate page. Connected sources confirm patches in...
CVE-2022-31040 Open Redirect in open-forms
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a referer querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a...