编号撤回

“form” is a form state management program developed by TanStack. “R” is a statistical computing software provided by The R Foundation. This CVE number has been withdrawn...

Google Chrome 安全漏洞

Google Chrome is a web browser. v8 is one of the open source JavaScript engines. form is a form state manager. A security vulnerability exists in Google Chrome, which stems from an improper storage implementation that could lead to data disclosure or elevation of privilege...

Form validation can be skipped

Impact By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. We consider the severity low because it is not possible to change any form values since the form state is secured with an HMAC that is still verified. That means that...

Form validation can be skipped in neos/form

Impact By crafting a special GET request containing a valid form state, a form can be submitted without invoking any validators. We consider the severity low because it is not possible to change any form values since the form state is secured with an HMAC that is still verified. That means that...

Neos/forms 输入验证错误漏洞

Neos/forms is an open source framework for building web forms. A security vulnerability exists in Neos/forms where the program can submit a form without invoking any validator by creating a special "GET" request that contains valid form state...

Accentis Cross-Site Scripting Vulnerability

Accentis is a suite of management software for ERP, CRM, payroll, production and inventory management. Accentis fails to properly filter the 'ctl00$cphcontent$uigformState' parameter, allowing remote attackers to exploit the vulnerability by injecting malicious script or HTML code, obtaining...