Browse all 5 CVE security advisories affecting open-formulieren. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Open-formulieren is a Dutch open-source form builder primarily used for creating and managing web forms. Historically, it has been susceptible to multiple vulnerabilities including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, with five CVEs documented. These issues often stem from insufficient input validation and improper access controls. The application's security characteristics include its widespread use in Dutch government and educational sectors, making it a potential high-impact target. While no major public incidents have been widely reported, the consistent discovery of vulnerabilities in its codebase highlights ongoing security challenges that require diligent patching and secure configuration practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28803 | Open Forms possible to view submission details of other people than intended — open-formsCWE-284 | 6.5 | Medium | 2026-03-11 |
| CVE-2025-64515 | Open Forms prefill data in read-only components can be tampered — open-formsCWE-20 | 4.3 | Medium | 2025-11-18 |
| CVE-2024-24771 | Open Forms potential multi-factor authentication bypass — open-formsCWE-284 | 7.7 | High | 2024-02-07 |
| CVE-2022-31041 | Insufficient content-type validation for uploaded files in open-forms — open-formsCWE-20 | 7.6 | High | 2022-06-13 |
| CVE-2022-31040 | Open Redirect in open-forms — open-formsCWE-601 | 7.1 | High | 2022-06-13 |
This page lists every published CVE security advisory associated with open-formulieren. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.