Skip to main content

Open Forms

5 CVEs product

Monthly

CVE-2026-28803 MEDIUM This Month

Open Forms versions prior to 3.3.13 and 3.4.5 allow authenticated attackers to access arbitrary form submissions through submission reference enumeration or manipulation in the cosigning workflow. An attacker with valid credentials can guess or modify cosigner codes to retrieve submissions they should not have access to, resulting in unauthorized information disclosure.

Authentication Bypass Open Forms
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-64515 MEDIUM PATCH Monitor

Open Forms allows users create and publish smart forms. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Open Forms
NVD GitHub
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-24771 MEDIUM This Month

Open Forms allows users create and publish smart forms. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Open Forms
NVD GitHub
CVSS 3.1
5.9
EPSS
0.6%
CVE-2022-31041 MEDIUM PATCH This Month

Open Forms is an application for creating and publishing smart forms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Open Forms
NVD GitHub
CVSS 3.1
6.5
EPSS
0.7%
CVE-2022-31040 MEDIUM PATCH This Month

Open Forms is an application for creating and publishing smart forms. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Open Forms
NVD GitHub
CVSS 3.1
6.1
EPSS
0.7%
EPSS 0% CVSS 6.5
MEDIUM This Month

Open Forms versions prior to 3.3.13 and 3.4.5 allow authenticated attackers to access arbitrary form submissions through submission reference enumeration or manipulation in the cosigning workflow. An attacker with valid credentials can guess or modify cosigner codes to retrieve submissions they should not have access to, resulting in unauthorized information disclosure.

Authentication Bypass Open Forms
NVD GitHub VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH Monitor

Open Forms allows users create and publish smart forms. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Open Forms
NVD GitHub
EPSS 1% CVSS 5.9
MEDIUM This Month

Open Forms allows users create and publish smart forms. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Open Forms
NVD GitHub
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Open Forms is an application for creating and publishing smart forms. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Open Forms
NVD GitHub
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Open Forms is an application for creating and publishing smart forms. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

Open Redirect Open Forms
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy