RSS   Vulnerabilities for 'Forms'   RSS

2021-06-01
 
CVE-2021-23388

NVD-CWE-noinfo
 

 
The package forms before 1.2.1, from 1.3.0 and before 1.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via email validation.

 
2018-06-04
 
CVE-2017-16015

CWE-79
 

 
Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting

 


Copyright 2024, cxsecurity.com

 

Back to Top