EUVD-2025-199100

OMERO.web uses jquery-form library, which may be vulnerable to XSS attack...

GHSA-J4GV-6X9V-V23G OMERO.web uses jquery-form library, which may be vulnerable to XSS attack

Impact OMERO.web uses the jquery-form library throughout to handle form submission and response processing. Due to some unpatched potential vulnerabilities in jquery-form, OMERO.web 5.29.2 and earlier may be susceptible to XSS attacks. Patches User should upgrade OMERO.web to 5.29.3 or higher...

OMERO.web uses jquery-form library, which may be vulnerable to XSS attack

Impact OMERO.web uses the jquery-form library throughout to handle form submission and response processing. Due to some unpatched potential vulnerabilities in jquery-form, OMERO.web 5.29.2 and earlier may be susceptible to XSS attacks. Patches User should upgrade OMERO.web to 5.29.3 or higher...

CVE-2022-24984

Forms generated by JQueryForm.com before 2022-02-05 if file-upload capability is enabled allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content...

CVE-2022-24984

Forms generated by JQueryForm.com before 2022-02-05 if file-upload capability is enabled allow remote unauthenticated attackers to upload executable files and achieve remote code execution. This occurs because file-extension checks occur on the client side, and because not all executable content...

CVE-2022-24983

Forms generated by JQueryForm.com before 2022-02-05 allow remote attackers to obtain the URI to any uploaded file by capturing the POST response. When chained with CVE-2022-24984, this could lead to unauthenticated remote code execution on the underlying web server. This occurs because the Unique...

CVE-2022-24982

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials...

CVE-2022-24982

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials...

JqueryForm.com Jquery Form Builder 跨站脚本漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. JqueryForm.com Jquery Form Builder suffers from a cross-site scripting vulnerability that stems from a Reflected Cross-Site Scripting XSS vulnerability in forms generated by JQueryForm.com prior to February 5, 2022 tha...

JqueryForm.com Jquery Form Builder 安全漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. A code issue vulnerability exists in the JqueryForm.com Jquery Form Builder that stems from JqueryForm.com forms generated prior to 2022-02-05 if file upload functionality is enabled that allows a remote, unauthenticat...

PT-2022-17032 · Unknown · Jqueryform

Name of the Vulnerable Software and Affected Versions: JQueryForm.com versions prior to 2022-02-05 Description: The issue allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is particularly releva...

JqueryForm.com Jquery Form Builder 安全漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. An information disclosure vulnerability exists in the JqueryForm.com Jquery Form Builder, which stems from forms generated by JQueryForm.com prior to February 5, 2022 that allow a remote authenticated attacker to acces...

JqueryForm.com Jquery Form Builder 安全漏洞

JqueryForm.com Jquery Form Builder is a form builder from JqueryForm.com, Inc. A security vulnerability exists in Jquery Form Builder that stems from a generated form that allows a remote, authenticated attacker to bypass authentication and access the administrative portion of other forms hosted ...