CVE-2024-6935 | formtools.org Form Tools 3.1.1 User Settings Page /admin/clients/ cross site scripting

Posted by Angelo Barbosa | Jul 20, 2024 | CVE

A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. This vulnerability affects unknown code of the file /admin/clients/ of the component User Settings Page. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-6935. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-6935 | formtools.org Form Tools 3.1.1 User Settings Page /admin/clients/ cross site scripting

Related Posts

CVE-2024-3625 | quay mirror-registry Redis Password cleartext storage in a file or on disk

CVE-2023-42839 | Apple iOS/iPadOS App state issue

CVE-2024-40726 | Netbox 4.0.3 Name cross site scripting

CVE-2021-47092 | Linux Kernel up to 5.15.11 VMX nested.c __vmx_handle_exit denial of service (e4e4e7cb2298/a80dfc025924)