Missing Authorization Vulnerability Affects ARForms Form Builder
CVE-2024-31270
7.6HIGH
Summary
A vulnerability exists in the ARForms Form Builder developed by Repute InfoSystems, characterized by missing authorization controls. This security flaw allows unauthorized users to potentially exploit functions that should be restricted, leading to unauthorized access to sensitive information. The affected versions include those from n/a through 1.6.1, highlighting the importance for all users to ensure they apply any necessary updates or patches to mitigate associated risks. Continuous monitoring and enforcement of access control measures are essential to maintain security integrity.
Affected Version(s)
ARForms Form Builder <= 1.6.1
References
CVSS V3.1
Score:
7.6
Severity:
HIGH
Confidentiality:
Low
Integrity:
High
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Yudistira Arya (Patchstack Alliance)