CVE-2025-11438

Medium CVSS: 5.3

A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vulnerability affects unknown code of the file /custom-domains of the component API Endpoint. Such manipulation leads to missing authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is beb153ce52dceb971c1518f98333328c95f1ba20. It is best practice to apply a patch to resolve this issue.

Vendor

Jhumanj

Product

Opnform

CWE

CWE-862

Yayın Tarihi

2025-10-08 07:15:31

Güncelleme

2025-10-09 16:17:50

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-862 Opnform MEDIUM Jhumanj 2025

Referanslar

https://docs.google.com/document/d/1GUjJA9vUbsXUngAv6ySsbCIhVynf8_djardLZYEDOe0/edit?tab=t.0#heading=h.gm61tyll8uys https://github.com/JhumanJ/OpnForm/pull/900/commits/beb153ce52dceb971c1518f98333328c95f1ba20 https://vuldb.com/?ctiid.327375 https://vuldb.com/?id.327375 https://vuldb.com/?submit.666879

Benzer Kayıtlar

Medium

CVE-2025-11442

A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. The impacted element is an unknown function of the c…

Medium

CVE-2025-11443

A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This affects an unknown function of the file /api/passwor…

Medium

CVE-2025-11441

A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The affected element is an unknown function of the compon…

Medium

CVE-2025-11439

A vulnerability was found in JhumanJ OpnForm up to 1.9.3. This issue affects some unknown processing of the file /show/i…

Medium

CVE-2025-11440

A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacted is an unknown function of the file /edit. Execut…

Medium

CVE-2025-11437

A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an unknown part of the file /api/open/forms/ of the c…