Vulnerabilities > Machform > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-29 | CVE-2021-20102 | Cross-Site Request Forgery (CSRF) vulnerability in Machform Machform prior to version 16 is vulnerable to cross-site request forgery due to a lack of CSRF tokens in place. | 8.8 |
| 2021-06-29 | CVE-2021-20104 | Unrestricted Upload of File with Dangerous Type vulnerability in Machform Machform prior to version 16 is vulnerable to unauthenticated remote code execution due to insufficient sanitization of file attachments uploaded with forms through upload.php. | 8.1 |