3 matches found
CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...
CVE-2022-31041 Insufficient content-type validation for uploaded files in open-forms
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users e.g. only PDF / Excel / .... The input validation of uploaded fil...
CVE-2022-31041
Open Forms prior to versions 1.0.9 and 1.1.1 are affected by insufficient input validation for uploaded files, allowing end users to bypass extension-based checks by stripping or altering file extensions. This can lead to uploaded files being misrepresented as another type and potentially downloa...