Vulnerabilites related to maykinmedia - open_forms
CVE-2024-24771 (GCVE-0-2024-24771)
Vulnerability from cvelistv5
Published
2024-02-07 14:51
Modified
2024-08-01 23:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials (username + password) compromised could potentially have the second-factor authentication bypassed if an attacker somehow managed to authenticate to Open Forms. The maintainers of Open Forms do not believe it is or has been possible to perform this login. However, if this were possible, the victim's account may be abused to view (potentially sensitive) submission data or have been used to impersonate other staff accounts to view and/or modify data. Three mitigating factors to help prevent exploitation include: the usual login page (at `/admin/login/`) does not fully log in the user until the second factor was succesfully provided; the additional non-MFA protected login page at `/api/v2/api-authlogin/` was misconfigured and could not be used to log in; and there are no additional ways to log in. This also requires credentials of a superuser to be compromised to be exploitable. Versions 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain the following patches to address these weaknesses: Move and only enable the API auth endpoints (`/api/v2/api-auth/login/`) with `settings.DEBUG = True`. `settings.DEBUG = True` is insecure and should never be applied in production settings. Additionally, apply a custom permission check to the hijack flow to only allow second-factor-verified superusers to perform user hijacking.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| open-formulieren | open-forms |
Version: < 2.2.9 Version: >= 2.3.0, < 2.3.7 Version: >= 2.4.0, < 2.4.4 Version: >= 2.5.0, < 2.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24771",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-07T19:33:10.005162Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-05T17:21:41.057Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:28:12.208Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-64r3-x3gf-vp63",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-64r3-x3gf-vp63"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.2.9",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.2.9"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.3.7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.3.7"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.4.5",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.4.5"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.5.2",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.5.2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "open-forms",
"vendor": "open-formulieren",
"versions": [
{
"status": "affected",
"version": "\u003c 2.2.9"
},
{
"status": "affected",
"version": "\u003e= 2.3.0, \u003c 2.3.7"
},
{
"status": "affected",
"version": "\u003e= 2.4.0, \u003c 2.4.4"
},
{
"status": "affected",
"version": "\u003e= 2.5.0, \u003c 2.5.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials (username + password) compromised could potentially have the second-factor authentication bypassed if an attacker somehow managed to authenticate to Open Forms. The maintainers of Open Forms do not believe it is or has been possible to perform this login. However, if this were possible, the victim\u0027s account may be abused to view (potentially sensitive) submission data or have been used to impersonate other staff accounts to view and/or modify data. Three mitigating factors to help prevent exploitation include: the usual login page (at `/admin/login/`) does not fully log in the user until the second factor was succesfully provided; the additional non-MFA protected login page at `/api/v2/api-authlogin/` was misconfigured and could not be used to log in; and there are no additional ways to log in. This also requires credentials of a superuser to be compromised to be exploitable. Versions 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain the following patches to address these weaknesses: Move and only enable the API auth endpoints (`/api/v2/api-auth/login/`) with `settings.DEBUG = True`. `settings.DEBUG = True` is insecure and should never be applied in production settings. Additionally, apply a custom permission check to the hijack flow to only allow second-factor-verified superusers to perform user hijacking."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287: Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-654",
"description": "CWE-654: Reliance on a Single Factor in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-02-07T14:51:10.303Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-64r3-x3gf-vp63",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-64r3-x3gf-vp63"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.2.9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.2.9"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.3.7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.3.7"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.4.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.4.5"
},
{
"name": "https://github.com/open-formulieren/open-forms/releases/tag/2.5.2",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.5.2"
}
],
"source": {
"advisory": "GHSA-64r3-x3gf-vp63",
"discovery": "UNKNOWN"
},
"title": "Open Forms potential multi-factor authentication bypass"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24771",
"datePublished": "2024-02-07T14:51:10.303Z",
"dateReserved": "2024-01-29T20:51:26.013Z",
"dateUpdated": "2024-08-01T23:28:12.208Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31041 (GCVE-0-2022-31041)
Vulnerability from cvelistv5
Published
2022-06-13 12:35
Modified
2025-04-23 18:16
Severity ?
VLAI Severity ?
EPSS score ?
Summary
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| open-formulieren | open-forms |
Version: < 1.0.9 Version: >= 1.1.0-rc0, < 1.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-h85r-xv4w-cg8g"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/commit/0978a29e821a7228c5d46c0527c3e925eb91b071"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31041",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:05:31.858092Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:16:48.072Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "open-forms",
"vendor": "open-formulieren",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.9"
},
{
"status": "affected",
"version": "\u003e= 1.1.0-rc0, \u003c 1.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T12:35:11.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-h85r-xv4w-cg8g"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-formulieren/open-forms/commit/0978a29e821a7228c5d46c0527c3e925eb91b071"
}
],
"source": {
"advisory": "GHSA-h85r-xv4w-cg8g",
"discovery": "UNKNOWN"
},
"title": "Insufficient content-type validation for uploaded files in open-forms",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31041",
"STATE": "PUBLIC",
"TITLE": "Insufficient content-type validation for uploaded files in open-forms"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "open-forms",
"version": {
"version_data": [
{
"version_value": "\u003c 1.0.9"
},
{
"version_value": "\u003e= 1.1.0-rc0, \u003c 1.1.1"
}
]
}
}
]
},
"vendor_name": "open-formulieren"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-434: Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-h85r-xv4w-cg8g",
"refsource": "CONFIRM",
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-h85r-xv4w-cg8g"
},
{
"name": "https://github.com/open-formulieren/open-forms/commit/0978a29e821a7228c5d46c0527c3e925eb91b071",
"refsource": "MISC",
"url": "https://github.com/open-formulieren/open-forms/commit/0978a29e821a7228c5d46c0527c3e925eb91b071"
}
]
},
"source": {
"advisory": "GHSA-h85r-xv4w-cg8g",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31041",
"datePublished": "2022-06-13T12:35:11.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:16:48.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-31040 (GCVE-0-2022-31040)
Vulnerability from cvelistv5
Published
2022-06-13 12:10
Modified
2025-04-23 18:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Summary
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble.
References
| ► | URL | Tags |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| open-formulieren | open-forms |
Version: < 1.0.9 Version: >= 1.1.0-rc0, < 1.1.1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T07:03:40.295Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-c97h-m5qf-j8mf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/open-formulieren/open-forms/commit/3e8c9cce386e548765783354694fbb9d7a6ea7d3"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-31040",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T14:05:34.364702Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T18:17:04.258Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "open-forms",
"vendor": "open-formulieren",
"versions": [
{
"status": "affected",
"version": "\u003c 1.0.9"
},
{
"status": "affected",
"version": "\u003e= 1.1.0-rc0, \u003c 1.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-13T12:10:10.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-c97h-m5qf-j8mf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/open-formulieren/open-forms/commit/3e8c9cce386e548765783354694fbb9d7a6ea7d3"
}
],
"source": {
"advisory": "GHSA-c97h-m5qf-j8mf",
"discovery": "UNKNOWN"
},
"title": "Open Redirect in open-forms",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2022-31040",
"STATE": "PUBLIC",
"TITLE": "Open Redirect in open-forms"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "open-forms",
"version": {
"version_data": [
{
"version_value": "\u003c 1.0.9"
},
{
"version_value": "\u003e= 1.1.0-rc0, \u003c 1.1.1"
}
]
}
}
]
},
"vendor_name": "open-formulieren"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-c97h-m5qf-j8mf",
"refsource": "CONFIRM",
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-c97h-m5qf-j8mf"
},
{
"name": "https://github.com/open-formulieren/open-forms/commit/3e8c9cce386e548765783354694fbb9d7a6ea7d3",
"refsource": "MISC",
"url": "https://github.com/open-formulieren/open-forms/commit/3e8c9cce386e548765783354694fbb9d7a6ea7d3"
}
]
},
"source": {
"advisory": "GHSA-c97h-m5qf-j8mf",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-31040",
"datePublished": "2022-06-13T12:10:10.000Z",
"dateReserved": "2022-05-18T00:00:00.000Z",
"dateUpdated": "2025-04-23T18:17:04.258Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2024-02-07 15:15
Modified
2024-11-21 08:59
Severity ?
7.7 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Summary
Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials (username + password) compromised could potentially have the second-factor authentication bypassed if an attacker somehow managed to authenticate to Open Forms. The maintainers of Open Forms do not believe it is or has been possible to perform this login. However, if this were possible, the victim's account may be abused to view (potentially sensitive) submission data or have been used to impersonate other staff accounts to view and/or modify data. Three mitigating factors to help prevent exploitation include: the usual login page (at `/admin/login/`) does not fully log in the user until the second factor was succesfully provided; the additional non-MFA protected login page at `/api/v2/api-authlogin/` was misconfigured and could not be used to log in; and there are no additional ways to log in. This also requires credentials of a superuser to be compromised to be exploitable. Versions 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain the following patches to address these weaknesses: Move and only enable the API auth endpoints (`/api/v2/api-auth/login/`) with `settings.DEBUG = True`. `settings.DEBUG = True` is insecure and should never be applied in production settings. Additionally, apply a custom permission check to the hijack flow to only allow second-factor-verified superusers to perform user hijacking.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| maykinmedia | open_forms | * | |
| maykinmedia | open_forms | * | |
| maykinmedia | open_forms | * | |
| maykinmedia | open_forms | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "161AEFCB-F079-472E-86A6-07D57D35E2B4",
"versionEndExcluding": "2.2.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D90A88F3-FA88-43D2-A0CC-CB07C72214B4",
"versionEndExcluding": "2.3.7",
"versionStartIncluding": "2.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "13ADD1B0-57FD-4991-8B4A-2340EDEAADC5",
"versionEndExcluding": "2.4.5",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0BCE6950-BEFB-4D6E-BB5D-99A16A9E0DC8",
"versionEndExcluding": "2.5.2",
"versionStartIncluding": "2.5.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open Forms allows users create and publish smart forms. Versions prior to 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain a non-exploitable multi-factor authentication weakness. Superusers who have their credentials (username + password) compromised could potentially have the second-factor authentication bypassed if an attacker somehow managed to authenticate to Open Forms. The maintainers of Open Forms do not believe it is or has been possible to perform this login. However, if this were possible, the victim\u0027s account may be abused to view (potentially sensitive) submission data or have been used to impersonate other staff accounts to view and/or modify data. Three mitigating factors to help prevent exploitation include: the usual login page (at `/admin/login/`) does not fully log in the user until the second factor was succesfully provided; the additional non-MFA protected login page at `/api/v2/api-authlogin/` was misconfigured and could not be used to log in; and there are no additional ways to log in. This also requires credentials of a superuser to be compromised to be exploitable. Versions 2.2.9, 2.3.7, 2.4.5, and 2.5.2 contain the following patches to address these weaknesses: Move and only enable the API auth endpoints (`/api/v2/api-auth/login/`) with `settings.DEBUG = True`. `settings.DEBUG = True` is insecure and should never be applied in production settings. Additionally, apply a custom permission check to the hijack flow to only allow second-factor-verified superusers to perform user hijacking."
},
{
"lang": "es",
"value": "Open Forms permite a los usuarios crear y publicar formularios inteligentes. Las versiones anteriores a 2.2.9, 2.3.7, 2.4.5 y 2.5.2 contienen una debilidad de autenticaci\u00f3n multifactor no explotable. Los superusuarios que tienen sus credenciales (nombre de usuario + contrase\u00f1a) comprometidas podr\u00edan pasar por alto la autenticaci\u00f3n de segundo factor si un atacante de alguna manera logra autenticarse en Open Forms. Los mantenedores de Open Forms no creen que sea ni haya sido posible realizar este inicio de sesi\u00f3n. Sin embargo, si esto fuera posible, se podr\u00eda abusar de la cuenta de la v\u00edctima para ver datos de env\u00edo (potencialmente confidenciales) o haber sido utilizada para hacerse pasar por otras cuentas del personal para ver y/o modificar datos. Tres factores atenuantes para ayudar a prevenir la explotaci\u00f3n incluyen: la p\u00e1gina de inicio de sesi\u00f3n habitual (en `/admin/login/`) no inicia la sesi\u00f3n completa del usuario hasta que el segundo factor se proporciona con \u00e9xito; la p\u00e1gina de inicio de sesi\u00f3n adicional no protegida por MFA en `/api/v2/api-authlogin/` estaba mal configurada y no se pod\u00eda usar para iniciar sesi\u00f3n; y no hay formas adicionales de iniciar sesi\u00f3n. Esto tambi\u00e9n requiere que las credenciales de un superusuario est\u00e9n comprometidas para que sean explotables. Las versiones 2.2.9, 2.3.7, 2.4.5 y 2.5.2 contienen los siguientes parches para abordar estas debilidades: Mover y habilitar solo los endpoints de autenticaci\u00f3n API (`/api/v2/api-auth/login/`) con `settings.DEBUG = True`. `settings.DEBUG = True` es inseguro y nunca debe aplicarse en entornos de producci\u00f3n. Adem\u00e1s, aplique una verificaci\u00f3n de permiso personalizada al flujo de secuestro para permitir que solo los superusuarios verificados por un segundo factor realicen el secuestro de usuarios."
}
],
"id": "CVE-2024-24771",
"lastModified": "2024-11-21T08:59:40.127",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.3,
"impactScore": 5.8,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.2,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-02-07T15:15:08.283",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.2.9"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.3.7"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.4.5"
},
{
"source": "security-advisories@github.com",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.5.2"
},
{
"source": "security-advisories@github.com",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-64r3-x3gf-vp63"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.2.9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.3.7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.4.5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes"
],
"url": "https://github.com/open-formulieren/open-forms/releases/tag/2.5.2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Vendor Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-64r3-x3gf-vp63"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
},
{
"lang": "en",
"value": "CWE-287"
},
{
"lang": "en",
"value": "CWE-654"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 12:15
Modified
2024-11-21 07:03
Severity ?
7.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| maykinmedia | open_forms | * | |
| maykinmedia | open_forms | 1.10 | |
| maykinmedia | open_forms | 1.10 | |
| maykinmedia | open_forms | 1.10 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6562EA-A0C8-4C37-B556-E83242D34914",
"versionEndExcluding": "1.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:1.10:-:*:*:*:*:*:*",
"matchCriteriaId": "B564D60F-178C-4B58-AE49-17D95F5B6BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:1.10:rc0:*:*:*:*:*:*",
"matchCriteriaId": "DC5F436F-9674-4530-B19B-DC4BC5CD7D61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:1.10:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F0DB0F22-FBC9-447C-B3A0-5FBBB663F17E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open Forms is an application for creating and publishing smart forms. Prior to versions 1.0.9 and 1.1.1, the cookie consent page in Open Forms contains an open redirect by injecting a `referer` querystring parameter and failing to validate the value. A malicious actor is able to redirect users to a website under their control, opening them up for phishing attacks. The redirect is initiated by the open forms backend which is a legimate page, making it less obvious to end users they are being redirected to a malicious website. Versions 1.0.9 and 1.1.1 contain patches for this issue. There are no known workarounds avaialble."
},
{
"lang": "es",
"value": "Open Forms es una aplicaci\u00f3n para crear y publicar formularios inteligentes. En versiones anteriores a 1.0.9 y 1.1.1, la p\u00e1gina de consentimiento de cookies en Open Forms contiene un redireccionamiento abierto al inyectar un par\u00e1metro de cadena de consulta \"referer\" y no comprender el valor. Un actor malicioso es capaz de redirigir a usuarios a un sitio web bajo su control, abri\u00e9ndolos a ataques de phishing. El redireccionamiento es iniciado por el backend de los formularios abiertos, que es una p\u00e1gina leg\u00edtima, lo que hace menos obvio para usuarios finales que est\u00e1n siendo redirigidos a un sitio web malicioso. Las versiones 1.0.9 y 1.1.1 contienen parches para este problema. No son conocidas mitigaciones disponibles"
}
],
"id": "CVE-2022-31040",
"lastModified": "2024-11-21T07:03:46.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T12:15:08.360",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/commit/3e8c9cce386e548765783354694fbb9d7a6ea7d3"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-c97h-m5qf-j8mf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/commit/3e8c9cce386e548765783354694fbb9d7a6ea7d3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-c97h-m5qf-j8mf"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-601"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-06-13 13:15
Modified
2024-11-21 07:03
Severity ?
7.6 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| maykinmedia | open_forms | * | |
| maykinmedia | open_forms | 1.1.0 | |
| maykinmedia | open_forms | 1.1.0 | |
| maykinmedia | open_forms | 1.1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CC6562EA-A0C8-4C37-B556-E83242D34914",
"versionEndExcluding": "1.0.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:1.1.0:-:*:*:*:*:*:*",
"matchCriteriaId": "79EB5A82-12EA-4CF2-A9F3-3D36908D15AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:1.1.0:rc0:*:*:*:*:*:*",
"matchCriteriaId": "3081AA3A-A8D5-4873-A97F-B9CB59B4F4D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:maykinmedia:open_forms:1.1.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "EB1F9D1E-B00F-4AEF-ACE6-F8FCDE75B3B6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open Forms is an application for creating and publishing smart forms. Open Forms supports file uploads as one of the form field types. These fields can be configured to allow only certain file extensions to be uploaded by end users (e.g. only PDF / Excel / ...). The input validation of uploaded files is insufficient in versions prior to 1.0.9 and 1.1.1. Users could alter or strip file extensions to bypass this validation. This results in files being uploaded to the server that are of a different file type than indicated by the file name extension. These files may be downloaded (manually or automatically) by staff and/or other applications for further processing. Malicious files can therefore find their way into internal/trusted networks. Versions 1.0.9 and 1.1.1 contain patches for this issue. As a workaround, an API gateway or intrusion detection solution in front of open-forms may be able to scan for and block malicious content before it reaches the Open Forms application."
},
{
"lang": "es",
"value": "Open Forms es una aplicaci\u00f3n para crear y publicar formularios inteligentes. Open Forms admite la carga de archivos como uno de los tipos de campo del formulario. Estos campos pueden configurarse para que los usuarios finales s\u00f3lo puedan cargar determinadas extensiones de archivo (por ejemplo, s\u00f3lo PDF / Excel / ...). La comprobaci\u00f3n de entrada de los archivos subidos es insuficiente en las versiones anteriores a 1.0.9 y 1.1.1. Los usuarios pod\u00edan alterar o eliminar las extensiones de los archivos para omitir esta comprobaci\u00f3n. Esto resulta en que sean subidos al servidor archivos que son de un tipo de archivo diferente al indicado por la extensi\u00f3n del nombre del archivo. Estos archivos pueden ser descargados (manual o autom\u00e1ticamente) por el personal y/o otras aplicaciones para su posterior procesamiento. Por lo tanto, los archivos maliciosos pueden encontrar su camino en las redes internas/confiables. Las versiones 1.0.9 y 1.1.1 contienen parches para este problema. Como mitigaci\u00f3n, una puerta de enlace de la API o una soluci\u00f3n de detecci\u00f3n de intrusos frente a Open Forms puede ser capaz de escanear y bloquear el contenido malicioso antes de que llegue a la aplicaci\u00f3n Open Forms"
}
],
"id": "CVE-2022-31041",
"lastModified": "2024-11-21T07:03:46.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.7,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-06-13T13:15:13.667",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/commit/0978a29e821a7228c5d46c0527c3e925eb91b071"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-h85r-xv4w-cg8g"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/commit/0978a29e821a7228c5d46c0527c3e925eb91b071"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/open-formulieren/open-forms/security/advisories/GHSA-h85r-xv4w-cg8g"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
},
{
"lang": "en",
"value": "CWE-434"
}
],
"source": "security-advisories@github.com",
"type": "Primary"
}
]
}