Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component...
6.1CVSS
6AI Score
0.001EPSS
An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged user (client) tries to export a form with data, e.g., manipulation of...
9.8CVSS
9.8AI Score
0.002EPSS
An issue was discovered in Form Tools through 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the submission_id parameter, e.g.,...
5.4CVSS
5.2AI Score
0.001EPSS
An issue was discovered in Form Tools through 3.0.20. When an administrator creates a customer account, it is possible for the customer to log in and proceed with a change of name and last name. However, these fields are vulnerable to XSS payload insertion, being triggered in the admin panel when.....
6.1CVSS
6AI Score
0.002EPSS