Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on their server.
References
Link | Resource |
---|---|
https://JQueryForm.com | Vendor Advisory |
https://gist.github.com/pb-nsi/4d0a1ede76d4e97083b3435f820bf560 | Third Party Advisory |
https://www.nou-systems.com/cyber-security | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-02-16T21:05:25
Updated: 2022-02-16T21:05:25
Reserved: 2022-02-13T00:00:00
Link: CVE-2022-24985
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-02-16T22:15:08.077
Modified: 2023-08-08T14:21:49.707
Link: CVE-2022-24985
JSON object: View
Redhat Information
No data.
CWE