CVE-2025-55797
CVE-2025-55797 affects FormCms v0.5.4. The /api/schemas/history/[schemaId] endpoint has improper access control, allowing unauthenticated attackers to access historical schema data when a valid schemaId is known or guessed. CVSSv3.1 base score is 6.5 (MEDIUM) with Network attack vector, low confi...