Dismissed
Permalink
CVE-2025-68924
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV):
- Attack complexity (AC):
- Privileges required (PR):
- User interaction (UI):
- Scope (S):
- Confidentiality impact (C):
- Integrity impact (I):
- Availability impact (A):
by @LeSuisse Activity log
- Created automatic suggestion
-
@LeSuisse
removed
32 packages
- wordpressPackages.plugins.hcaptcha-for-forms-and-more
- chickenPackages_5.chickenEggs.sxml-transforms
- python313Packages.django-formset-js-improved
- python312Packages.django-formset-js-improved
- home-assistant-component-tests.modern_forms
- wordpressPackages.plugins.wpforms-lite
- nodePackages_latest.@tailwindcss/forms
- python313Packages.django-crispy-forms
- python312Packages.django-crispy-forms
- python313Packages.wtforms-bootstrap5
- python313Packages.wtforms-sqlalchemy
- python312Packages.wtforms-sqlalchemy
- python312Packages.wtforms-bootstrap5
- python313Packages.permissionedforms
- python312Packages.permissionedforms
- inkscape-extensions.applytransforms
- haskellPackages.unicode-transforms
- python313Packages.craft-platforms
- python312Packages.craft-platforms
- python313Packages.aiomodernforms
- python313Packages.beanhub-forms
- python312Packages.aiomodernforms
- python312Packages.beanhub-forms
- haskellPackages.unsafeperformst
- nodePackages.@tailwindcss/forms
- python313Packages.transforms3d
- python312Packages.transforms3d
- python313Packages.nitransforms
- python312Packages.nitransforms
- python313Packages.wtforms
- python312Packages.wtforms
- platformsh
- @LeSuisse dismissed
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply …
In Umbraco UmbracoForms through 8.13.16, an authenticated attacker can supply a malicious WSDL (aka Webservice) URL as a data source for remote code execution.
References
Affected products
Forms
- =<8.13.16