CVE-2026-47266

Sažetak

Formie is a Craft CMS plugin for creating forms. Prior to 2.2.21 and 3.1.26, unauthenticated users could modify existing submissions by posting a known or guessed submission ID to formie/submissions/save-submission. This vulnerability is fixed in 2.2.21 and 3.1.26.

Reference

https://github.com/verbb/formie/releases/tag/2.2.21
https://github.com/verbb/formie/releases/tag/3.1.26
https://github.com/verbb/formie/security/advisories/GHSA-pgxq-p76c-x9cg

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

29-05-2026 - 20:21

Objavljeno

29-05-2026 - 20:16