CVE-2025-64515 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/d…
Medium CVSS: 4.3

CVE-2025-64515

Open Forms allows users create and publish smart forms. Prior to versions 3.2.7 and 3.3.3, forms where the prefill data fields are dynamically set to readonly/disabled can be modified by malicious users deliberately trying to modify data they're not supposed to. For regular users, the form fields are marked as readonly and cannot be modified through the user interface. This issue has been patched in versions 3.2.7 and 3.3.3.
Vendor
Maykinmedia
Product
Open Forms
CWE
CWE-20
Yayın Tarihi
2025-11-18 23:15:55
Güncelleme
2025-12-02 20:39:24
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-20 Open Forms MEDIUM Maykinmedia 2025

Referanslar

https://github.com/open-formulieren/open-forms/blob/bcf2dc54c695fb7c8c58712627d82c4b766248b6/CHANGELOG.rst#327-2025-11-18 https://github.com/open-formulieren/open-forms/blob/bcf2dc54c695fb7c8c58712627d82c4b766248b6/CHANGELOG.rst#333-2025-11-18 https://github.com/open-formulieren/open-forms/security/advisories/GHSA-cp63-63mq-5wvf