Vulnerability Description
Forms generated by JQueryForm.com before 2022-02-05 allow a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. This is relevant only when an organization hosts more than one of these forms on its server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jqueryform | Jqueryform | < 2022-02-05 |
References
- https://JQueryForm.com (Vendor Advisory)
- https://gist.github.com/pb-nsi/4d0a1ede76d4e97083b3435f820bf560 (Third Party Advisory)
- https://www.nou-systems.com/cyber-security (Third Party Advisory)
FAQ
What is CVE-2022-24985?
CVE-2022-24985 is a vulnerability with a CVSS score of 8.8 (HIGH). Forms generated by JQueryForm.com before 2022-02-05 allow a remote authenticated attacker to bypass authentication and access the administrative section of other forms hosted on the same web server. ...
How severe is CVE-2022-24985?
CVE-2022-24985 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-24985?
Check the references section above for vendor advisories and patch information. Affected products include: Jqueryform Jqueryform.