Browse all 9 CVE security advisories affecting JhumanJ. AI-powered Chinese analysis, POCs, and references for each vulnerability.
JhumanJ is primarily used in web application development and content management systems, with its core functionality centered around dynamic content rendering and user interaction. Historically, vulnerabilities associated with JhumanJ include remote code execution, cross-site scripting (XSS), and privilege escalation, often stemming from improper input validation and insecure default configurations. The project has demonstrated inconsistent security practices, with multiple CVEs highlighting insufficient access controls and session management flaws. While no major public security incidents have been widely documented, the accumulation of 9 CVEs suggests ongoing challenges in secure coding practices and vulnerability management.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-11443 | JhumanJ OpnForm Forgotten Password email information exposure | OpnForm | CWE-203 | 3.7 | Low | 2025-10-08 |
| CVE-2025-11442 | JhumanJ OpnForm API Endpoint cross-site request forgery | OpnForm | CWE-352 | 4.3 | Medium | 2025-10-08 |
| CVE-2025-11441 | JhumanJ OpnForm HTTP Header excessive authentication | OpnForm | CWE-307 | 3.7 | Low | 2025-10-08 |
| CVE-2025-11440 | JhumanJ OpnForm edit access control | OpnForm | CWE-284 | 4.3 | Medium | 2025-10-08 |
| CVE-2025-11439 | JhumanJ OpnForm integrations authorization | OpnForm | CWE-862 | 4.3 | Medium | 2025-10-08 |
| CVE-2025-11438 | JhumanJ OpnForm API Endpoint custom-domains authorization | OpnForm | CWE-862 | 6.3 | Medium | 2025-10-08 |
| CVE-2025-11437 | JhumanJ OpnForm Form Editor forms cross site scripting | OpnForm | CWE-79 | 2.4 | Low | 2025-10-08 |
| CVE-2025-11436 | JhumanJ OpnForm answer unrestricted upload | OpnForm | CWE-434 | 6.3 | Medium | 2025-10-08 |
| CVE-2025-11435 | JhumanJ OpnForm submissions cross site scripting | OpnForm | CWE-79 | 4.3 | Medium | 2025-10-08 |

This page lists every published CVE security advisory associated with JhumanJ. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.