CNNVD-202510-1178 Information

CNNVD ID

CNNVD-202510-1178

Related CVE

CVE-2025-11441

• CNNVD Published: 2025-10-08

Description (Chinese)

OpnForm是Julien Nahum个人开发者的一个表单生成器。 OpnForm 1.9.3及之前版本存在安全漏洞，该漏洞源于HTTP Header Handler组件中参数X-Forwarded-For操作不当，可能导致过度身份验证尝试限制不当。

Description (English)

OpnForm is a form generator for Julien Nahum personal developers. The security gap in OpnForm 1.9.3 and earlier versions stems from the inappropriate operation of the parameter X-Forwarded-For in the HTTP Header Handler component, which may lead to undue attempts at authentication.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-08

Last Modified

2026-02-24

References

https://docs.google.com/document/d/1GUjJA9vUbsXUngAv6ySsbCIhVynf8_djardLZYEDOe0/edit?tab=t.0#heading=h.va2ituwwqcf3 https://github.com/JhumanJ/OpnForm/pull/900/commits/11e99960e14ca986b1a001a56e7533223d2cfa5b https://vuldb.com/?ctiid.327378 https://vuldb.com/?id.327378 https://vuldb.com/?submit.666888

Patch

https://opnform.com/