Description
Machform up to version 19 is affected by an authenticated Blind SQL injection in the user account settings page.
Exploits (1)
Scores
CVSS v3
8.8
EPSS
0.1106
EPSS Percentile
93.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-89
Status
published
Products (1)
machform/machform
< 19
Published
Jul 01, 2024
Tracked Since
Feb 18, 2026