GHSA-J4GV-6X9V-V23G OMERO.web uses jquery-form library, which may be vulnerable to XSS attack

Impact OMERO.web uses the jquery-form library throughout to handle form submission and response processing. Due to some unpatched potential vulnerabilities in jquery-form, OMERO.web 5.29.2 and earlier may be susceptible to XSS attacks. Patches User should upgrade OMERO.web to 5.29.3 or higher...

OMERO.web uses jquery-form library, which may be vulnerable to XSS attack

Impact OMERO.web uses the jquery-form library throughout to handle form submission and response processing. Due to some unpatched potential vulnerabilities in jquery-form, OMERO.web 5.29.2 and earlier may be susceptible to XSS attacks. Patches User should upgrade OMERO.web to 5.29.3 or higher...

EUVD-2025-199100

OMERO.web uses jquery-form library, which may be vulnerable to XSS attack...

CVE-2022-24984

Forms generated by JQueryForm.com before 2022-02-05 if file-upload capability is enabled allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content...

CVE-2022-24984

Forms generated by JQueryForm.com before 2022-02-05 if file-upload capability is enabled allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content...

CVE-2022-24982

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials...

CVE-2022-24982

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials...

CVE-2022-24983

Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on the underlying web server. This occurs because the Unique...

JqueryForm.com Jquery Form Builder 安全漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. An information disclosure vulnerability exists in the JqueryForm.com Jquery Form Builder, which stems from forms generated by JQueryForm.com prior to February 5, 2022 that allow a remote authenticated attacker to acces...

JqueryForm.com Jquery Form Builder 安全漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. A code issue vulnerability exists in the JqueryForm.com Jquery Form Builder that stems from JqueryForm.com forms generated prior to 2022-02-05 if file upload functionality is enabled that allows a remote, unauthenticat...

JqueryForm.com Jquery Form Builder 跨站脚本漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. JqueryForm.com Jquery Form Builder suffers from a cross-site scripting vulnerability that stems from a Reflected Cross-Site Scripting XSS vulnerability in forms generated by JQueryForm.com prior to February 5, 2022 tha...

JqueryForm.com Jquery Form Builder 安全漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. A security vulnerability exists in Jquery Form Builder that stems from a generated form that allows a remote, authenticated attacker to bypass authentication and access the administrative portion of other forms hosted ...

PT-2022-17032 · Unknown · Jqueryform

Name of the Vulnerable Software and Affected Versions: JQueryForm.com versions prior to 2022-02-05 Description: The issue allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is particularly releva...