Vulnerability Description
A vulnerability was found in JhumanJ OpnForm up to 1.9.3. It affects an unknown function of the file /edit. Manipulation can lead to improper access controls. The attack can be carried out remotely. The exploit has been publicly disclosed and may be used. The patch is identified as b15e29021d326be127193a5dbbd528c4e37e6324. Applying the patch is advised to resolve this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jhumanj | Opnform | <= 1.9.3 |
Related Weaknesses (CWE)
References
- https://docs.google.com/document/d/1GUjJA9vUbsXUngAv6ySsbCIhVynf8_djardLZYEDOe0/ (Exploit, Third Party Advisory)
- https://github.com/JhumanJ/OpnForm/pull/900/commits/b15e29021d326be127193a5dbbd5 (Patch)
- https://vuldb.com/?ctiid.327377 (Permissions Required, VDB Entry)
- https://vuldb.com/?id.327377 (Third Party Advisory, VDB Entry)
- https://vuldb.com/?submit.666881 (Third Party Advisory, VDB Entry)
FAQ
What is CVE-2025-11440?
CVE-2025-11440 is a vulnerability with a CVSS score of 4.3 (MEDIUM). A vulnerability was found in JhumanJ OpnForm up to 1.9.3. It affects an unknown function of the file /edit. Manipulation can lead to improper access controls. The attack can be execute...
How severe is CVE-2025-11440?
CVE-2025-11440 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2025-11440?
Check the references section above for vendor advisories and patch information. Affected products include: Jhumanj Opnform.