Vulnerabilities (CVE)

Filtered by vendor Jqueryform Subscribe

Filtered by product Jqueryform

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-24982	1 Jqueryform	1 Jqueryform	2022-02-25	4.0 MEDIUM	6.5 MEDIUM
Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to access the cleartext credentials of all other form users. admin.php contains a hidden base64-encoded string with these credentials.
CVE-2022-24981	1 Jqueryform	1 Jqueryform	2022-02-25	4.3 MEDIUM	6.1 MEDIUM
A reflected cross-site scripting (XSS) vulnerability in forms generated by JQueryForm.com before 2022-02-05 allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to admin.php.