Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Charactell Subscribe
Filtered by product Formstorm
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-22789 1 Charactell 1 Formstorm 2022-02-01 4.6 MEDIUM 7.8 HIGH
Charactell - FormStorm Enterprise Account takeover – An attacker can modify (add, remove and update) passwords file for all the users. The xx_users.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existing password in the file.