6 matches found
Improper Access Control
formcms is vulnerable to Improper Access Control. The vulnerability is due to insufficient authentication checks on the /api/schemas/history/schemaId endpoint, which allows an attacker to access historical schema data if a valid schemaId is known or guessed...
EUVD-2025-31748
Malicious code in bioql PyPI...
CVE-2025-55797
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...
PT-2025-40039
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...
CVE-2025-55797
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/schemaId endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed...
CVE-2025-55797
CVE-2025-55797 affects FormCms v0.5.4. The /api/schemas/history/[schemaId] endpoint has improper access control, allowing unauthenticated attackers to access historical schema data when a valid schemaId is known or guessed. CVSSv3.1 base score is 6.5 (MEDIUM) with Network attack vector, low confi...