CNNVD-202511-1964 Information
CNNVD ID
CNNVD-202511-1964
Related CVE
- CNNVD Published: 2025-11-18
Description (Chinese)
Open Forms是Open Formulieren开源的一种智能动态表格。用于快速创建通过 API 公开的强大而智能的表单。 Open Forms 3.2.7之前版本和3.3.3之前版本存在输入验证错误漏洞,该漏洞源于预填数据字段可被恶意用户修改。
Description (English)
Open Forms is an open-source smart dynamic table. For the quick creation of powerful and intelligent forms that are open through API. There is an input authentication error gap in previous versions of Open Forms 3.2.7 and 3.3.3, which arises from prefilled data fields that can be modified by malicious users.
Hazard Level
High
Vulnerability Type
输入验证错误
Affected Vendor
Open Formulieren
Published
2025-11-18
Last Modified
2026-02-24
References
https://github.com/open-formulieren/open-forms/blob/bcf2dc54c695fb7c8c58712627d82c4b766248b6/CHANGELOG.rst#327-2025-11-18 https://github.com/open-formulieren/open-forms/blob/bcf2dc54c695fb7c8c58712627d82c4b766248b6/CHANGELOG.rst#333-2025-11-18 https://github.com/open-formulieren/open-forms/security/advisories/GHSA-cp63-63mq-5wvf https://access.redhat.com/security/cve/cve-2025-64515
Patch
https://github.com/open-formulieren/open-forms/tags
Share on: