{"containers": {"cna": {"affected": [{"product": "form", "vendor": "neos", "versions": [{"status": "affected", "version": ">= 1.2.0, < 4.3.3"}, {"status": "affected", "version": ">= 5.0.0, < 5.0.9"}, {"status": "affected", "version": ">= 5.1.0, < 5.1.3"}]}], "descriptions": [{"lang": "en", "value": "neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form Finishers cause side effects even if no form values have been sent. Form Finishers can be adjusted in a way that they only execute an action if the submitted form contains some expected data. Alternatively a custom Finisher can be added as first finisher. This regression was introduced with https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-21T18:15:13", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/neos/form/security/advisories/GHSA-m5vx-8chx-qvmm"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/neos/form-ghsa-m5vx-8chx-qvmm/pull/1"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/neos/form/commit/69de4219b1f58157e2be6b05811463875d75c246"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/neos/form/releases/tag/5.1.3"}], "source": {"advisory": "GHSA-m5vx-8chx-qvmm", "discovery": "UNKNOWN"}, "title": "Form validation can be skipped", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32697", "STATE": "PUBLIC", "TITLE": "Form validation can be skipped"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "form", "version": {"version_data": [{"version_value": ">= 1.2.0, < 4.3.3"}, {"version_value": ">= 5.0.0, < 5.0.9"}, {"version_value": ">= 5.1.0, < 5.1.3"}]}}]}, "vendor_name": "neos"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form Finishers cause side effects even if no form values have been sent. Form Finishers can be adjusted in a way that they only execute an action if the submitted form contains some expected data. Alternatively a custom Finisher can be added as first finisher. This regression was introduced with https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20: Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://github.com/neos/form/security/advisories/GHSA-m5vx-8chx-qvmm", "refsource": "CONFIRM", "url": "https://github.com/neos/form/security/advisories/GHSA-m5vx-8chx-qvmm"}, {"name": "https://github.com/neos/form-ghsa-m5vx-8chx-qvmm/pull/1", "refsource": "MISC", "url": "https://github.com/neos/form-ghsa-m5vx-8chx-qvmm/pull/1"}, {"name": "https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567", "refsource": "MISC", "url": "https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}, {"name": "https://github.com/neos/form/commit/69de4219b1f58157e2be6b05811463875d75c246", "refsource": "MISC", "url": "https://github.com/neos/form/commit/69de4219b1f58157e2be6b05811463875d75c246"}, {"name": "https://github.com/neos/form/releases/tag/5.1.3", "refsource": "MISC", "url": "https://github.com/neos/form/releases/tag/5.1.3"}]}, "source": {"advisory": "GHSA-m5vx-8chx-qvmm", "discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T23:25:31.146Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/neos/form/security/advisories/GHSA-m5vx-8chx-qvmm"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/neos/form-ghsa-m5vx-8chx-qvmm/pull/1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/neos/form/commit/69de4219b1f58157e2be6b05811463875d75c246"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/neos/form/releases/tag/5.1.3"}]}]}, "cveMetadata": {"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2021-32697", "datePublished": "2021-06-21T18:15:13", "dateReserved": "2021-05-12T00:00:00", "dateUpdated": "2024-08-03T23:25:31.146Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:neos:form:*:*:*:*:*:*:*:*", "matchCriteriaId": "B2F4EB15-C82B-4C52-89D3-8230FE945E74", "versionEndExcluding": "4.3.3", "versionStartIncluding": "1.2.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:neos:form:*:*:*:*:*:*:*:*", "matchCriteriaId": "11B52CB3-C5EC-4D14-B7EF-D19137425459", "versionEndExcluding": "5.0.9", "versionStartIncluding": "5.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:neos:form:*:*:*:*:*:*:*:*", "matchCriteriaId": "73FD3D5A-F8E8-4241-BB47-785226A371D8", "versionEndExcluding": "5.1.3", "versionStartIncluding": "5.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "neos/forms is an open source framework to build web forms. By crafting a special `GET` request containing a valid form state, a form can be submitted without invoking any validators. Form state is secured with an HMAC that is still verified. That means that this issue can only be exploited if Form Finishers cause side effects even if no form values have been sent. Form Finishers can be adjusted in a way that they only execute an action if the submitted form contains some expected data. Alternatively a custom Finisher can be added as first finisher. This regression was introduced with https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}, {"lang": "es", "value": "neos/forms es un framework de c\u00f3digo abierto para construir formularios web. Al dise\u00f1ar una petici\u00f3n especial \"GET\" que contenga un estado de formulario v\u00e1lido, un formulario puede ser enviado sin invocar ning\u00fan validador. El estado del formulario est\u00e1 asegurado con un HMAC que sigue siendo comprobado. Esto significa que este problema s\u00f3lo puede ser explotado si los Form Finishers causan efectos secundarios incluso si no se han enviado valores de formulario. Los finalizadores de formularios pueden ajustarse de manera que s\u00f3lo ejecuten una acci\u00f3n si el formulario enviado contiene algunos datos esperados. Alternativamente se puede a\u00f1adir un finalizador personalizado como primer finalizador. Esta regresi\u00f3n se introdujo con https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}], "id": "CVE-2021-32697", "lastModified": "2024-11-21T06:07:33.163", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 2.5, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-21T19:15:08.073", "references": [{"source": "security-advisories@github.com", "tags": ["Broken Link"], "url": "https://github.com/neos/form-ghsa-m5vx-8chx-qvmm/pull/1"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/neos/form/commit/69de4219b1f58157e2be6b05811463875d75c246"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/neos/form/releases/tag/5.1.3"}, {"source": "security-advisories@github.com", "tags": ["Third Party Advisory"], "url": "https://github.com/neos/form/security/advisories/GHSA-m5vx-8chx-qvmm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://github.com/neos/form-ghsa-m5vx-8chx-qvmm/pull/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/neos/form/commit/049d415295be8d4a0478ccba97dba1bb81649567"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/neos/form/commit/69de4219b1f58157e2be6b05811463875d75c246"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "https://github.com/neos/form/releases/tag/5.1.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://github.com/neos/form/security/advisories/GHSA-m5vx-8chx-qvmm"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}

{}