48 matches found
CVE-2026-28803
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
CVE-2026-28803
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
CVE-2026-28803 Open Forms possible to view submission details of other people than intended
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
CVE-2026-28803 Open Forms possible to view submission details of other people than intended
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
CVE-2026-28803 Open Forms possible to view submission details of other people than intended
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
EUVD-2026-11198
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
CVE-2026-28803
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
CVE-2026-28803
CVE-2026-28803 affects Open Forms with cosign flow prior to versions 3.3.13 and 3.4.5. The vulnerability allows a logged-in user to implicitly retrieve arbitrary submissions by guessing/modifying the cosign code received by email, enabling access to submission references during cosign flow. The i...
PT-2026-24717
Open Forms allows users create and publish smart forms. Prior to 3.3.13 and 3.4.5, to be able to cosign, the cosigner receives an e-mail with instructions or a deep-link to start the cosign flow. The submission reference is communicated so that the user can retrieve the submission to be cosigned...
Open Forms 访问控制错误漏洞
Open Forms is an open-source intelligent dynamic form tool. It is used to quickly create powerful and intelligent forms that can be exposed via APIs. Versions of Open Forms prior to 3.3.13 and 3.4.5 contained a access control vulnerability. This vulnerability allowed attackers to guess or modify...
CVE-2022-31040
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a referer querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a...
CVE-2025-64515
Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields...
CVE-2025-64515
Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields...
CVE-2025-64515 Open Forms prefill data in read-only components can be tampered
Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields...
CVE-2025-64515 Open Forms prefill data in read-only components can be tampered
Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields...
CVE-2025-64515 Open Forms prefill data in read-only components can be tampered
Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields...
EUVD-2025-198098
Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields...
CVE-2025-64515
Open Forms (Open Formulieren) is affected prior to versions 3.2.7 and 3.3.3 where prefill data fields that are dynamically set to readonly/disabled could be tampered with by malicious users. The underlying issue is that these fields can be modified despite a UI restriction, enabling data tamperin...
PT-2025-47415
Name of the Vulnerable Software and Affected Versions Open Forms versions prior to 3.2.7 Open Forms versions prior to 3.3.3 Description Open Forms enables users to create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms with prefill data fields dynamically set to readonly or...
Open Forms 输入验证错误漏洞
Open Forms is a smart dynamic form from Open Formulieren open source. It is used to quickly create powerful and intelligent forms exposed via API. An input validation error vulnerability exists in Open Forms versions prior to 3.2.7 and prior to 3.3.3, which stems from a pre-filled data field that...