CVE-2024-37160
Formwork is a flat file-based Content Management System (CMS). An attackers (requires administrator privilege) to execute arbitrary web scripts by modifying site options via /panel/options/site. This type of attack is suitable for persistence, affecting visitors across all pages (except the dashboard). This vulnerability is fixed in 1.13.1.
| Software | From | Fixed in |
|---|---|---|
| formwork_project / formwork | - | 1.13.1 |
getformwork / formwork
|
- | 1.13.1 |
|
getformwork / formwork
|
2.0.0-beta.1 | 2.0.0-beta.1.x |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime