CVE-2025-55797
Published
CVSS v3
6.5
MEDIUM
CVSS v2
N/A
Affected
2
PROJECTS
Description
An improper access control vulnerability in FormCms v0.5.4 in the /api/schemas/history/[schemaId] endpoint allows unauthenticated attackers to access historical schema data if a valid schemaId is known or guessed.
AI Agent: Open-source headless CMS built with ASP.NET Core (C#) and React, featuring REST APIs, GraphQL, and a GrapesJS page designer.
GitHub