CVE-2022-24985

Published: Feb 16, 2022Modified: Jun 17, 2026

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Forms generated by JQueryForm.com before 2022-02-05 allows a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on their server.

Affected (1)

Products: Jqueryform: Jqueryform

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Jqueryform Jqueryform	Before 2022-02-05

References (6)

https://JQueryForm.com

Source: cve@mitre.org

Vendor Advisory

https://gist.github.com/pb-nsi/4d0a1ede76d4e97083b3435f820bf560

Source: cve@mitre.org

Third Party Advisory

https://www.nou-systems.com/cyber-security

Source: cve@mitre.org

Third Party Advisory

https://JQueryForm.com

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://gist.github.com/pb-nsi/4d0a1ede76d4e97083b3435f820bf560

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.nou-systems.com/cyber-security

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.