Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2021-38143
- EPSS 1.19%
- Veröffentlicht 31.08.2021 05:15:06
- Zuletzt bearbeitet 21.11.2024 06:16:28
An issue was discovered in Form Tools through 3.0.20. When an administrator creates a customer account, it is possible for the customer to log in and proceed with a change of name and last name. However, these fields are vulnerable to XSS payload ins...
5.4
CVE-2021-38144
- EPSS 0.45%
- Veröffentlicht 31.08.2021 05:15:06
- Zuletzt bearbeitet 21.11.2024 06:16:28
An issue was discovered in Form Tools through 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the submission_id parameter, e.g., clients/forms/edit_submission.php?form_id=1&view_id=1&submission_id=[XSS].
9.8
CVE-2021-38145
- EPSS 2.28%
- Veröffentlicht 31.08.2021 05:15:06
- Zuletzt bearbeitet 21.11.2024 06:16:28
An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged user (client) tries to export a form with data, e.g., manipulation of modules/export_manager/export.php?export_group_id=...
1