Every CVE whose affected-product data names Formtools Core, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2021-38145 — CVSS 9.8 (critical): An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged user…
CVE-2021-38143 — CVSS 6.1 (medium): An issue was discovered in Form Tools through 3.0.20. When an administrator creates a customer account, it is possible for the customer to…
CVE-2021-38144 — CVSS 5.4 (medium): An issue was discovered in Form Tools through 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via the…