Vulnerabilities > Machform > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-29 | CVE-2021-20101 | Injection vulnerability in Machform Machform prior to version 16 is vulnerable to HTTP host header injection due to improperly validated host headers. | 6.1 |
| 2021-06-29 | CVE-2021-20103 | Cross-site Scripting vulnerability in Machform Machform prior to version 16 is vulnerable to stored cross-site scripting due to insufficient sanitization of file attachments uploaded with forms through upload.php. | 6.1 |
| 2021-06-29 | CVE-2021-20105 | Open Redirect vulnerability in Machform Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter. | 6.1 |
| 2018-05-26 | CVE-2018-6409 | Path Traversal vulnerability in Machform 4.2.3 An issue was discovered in Appnitro MachForm before 4.2.3. | 5.3 |