7 matches found
Improper Access Control
formcms is vulnerable to Improper Access Control. The vulnerability is due to insufficient authentication checks on the /api/schemas/history/schemaId endpoint, which allows an attacker to access historical schema data if a valid schemaId is known or guessed...
EUVD-2025-31748
Malicious code in bioql PyPI...
CVE-2025-55797
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...
PT-2025-40005
Name of the Vulnerable Software and Affected Versions FormCms version 0.5.4 Description An access control issue exists in FormCms version 0.5.4. An unauthenticated attacker can access historical schema data via the /api/schemas/history/schemaId API endpoint if a valid schemaId is known or guessed...
CVE-2025-55797
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...
CVE-2025-55797
CVE-2025-55797 affects FormCms v0.5.4. The /api/schemas/history/[schemaId] endpoint has improper access control, allowing unauthenticated attackers to access historical schema data when a valid schemaId is known or guessed. CVSSv3.1 base score is 6.5 (MEDIUM) with Network attack vector, low confi...
PT-2025-40039
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...