All 7 CVE vulnerabilities found in Forma LMS, with AI-generated Chinese analysis, references, and POCs.
Vendor: Forma
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-36960 | Forma LMS 2.3 - 'First & Last Name' Stored Cross-Site Scripting CWE-79 | 6.4 | Medium | 2026-01-26 |
| CVE-2022-41679 | Cross-site scripting in Forma LMS version CWE-79 | 4.7 | Medium | 2022-10-31 |
| CVE-2022-42924 | SQL injection in Forma LMS CWE-89 | 7.6 | High | 2022-10-31 |
| CVE-2022-41681 | File Upload vulnerability in Forma LMS CWE-434 | 9.9 | Critical | 2022-10-31 |
| CVE-2022-41680 | SQL Injection in Forma LMS CWE-89 | 7.6 | High | 2022-10-31 |
| CVE-2022-42925 | Unrestricted Upload of File with Dangerous Type in Forma LMS CWE-434 | 9.9 | Critical | 2022-10-31 |
| CVE-2022-42923 | SQL injection in Forma LMS CWE-89 | 8.3 | High | 2022-10-31 |
All 7 known CVE vulnerabilities affecting Forma LMS with full Chinese analysis, references, and POCs where available.