Basixonline CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2021-34675	1 Basixonline	1 Nex-forms	2024-11-21	7.5 High
Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports.
CVE-2021-24705	1 Basixonline	1 Nex-forms	2024-11-21	4.8 Medium
The NEX-Forms WordPress plugin before 8.4.3 does not have CSRF checks in place when editing a form, and does not escape some of its settings as well as form fields before outputting them in attributes. This could allow attackers to make a logged in admin edit arbitrary forms with Cross-Site Scripting payloads in them

« first previous Page 2 of 2.