{"id":"CVE-2025-67718","summary":"Formio improperly authorized permission elevation through specially crafted request path","details":"Form.io is a combined Form and API platform for Serverless applications. Versions 3.5.6 and below and 4.0.0-rc.1 through 4.4.2 contain a flaw in path handling which could allow an attacker to access protected API endpoints by sending a crafted request path. An unauthenticated or unauthorized request could retrieve data from endpoints that should be protected. This issue is fixed in versions 3.5.7 and 4.4.3.","aliases":["GHSA-m654-769v-qjv7"],"modified":"2026-04-10T05:36:04.514231Z","published":"2025-12-11T00:58:43.297Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/67xxx/CVE-2025-67718.json","cwe_ids":["CWE-178","CWE-200"],"cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/67xxx/CVE-2025-67718.json"},{"type":"ADVISORY","url":"https://github.com/formio/formio/security/advisories/GHSA-m654-769v-qjv7"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-67718"},{"type":"FIX","url":"https://github.com/formio/formio/commit/1836bdd9f55f5888ff397c257b2108c09d3de478"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/formio/formio","events":[{"introduced":"0"},{"fixed":"59389ba15ee462060c6596bb68826992af8eb45e"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"3.5.7"}]}},{"type":"GIT","repo":"https://github.com/formio/formio","events":[{"introduced":"e16408ac22f759fce2eb95c4775e501af42c92de"},{"fixed":"2a209735ad7f847a870c3091501ba641cb8b7d28"}],"database_specific":{"versions":[{"introduced":"4.0.0-rc.1"},{"fixed":"4.4.3"}]}}],"versions":["1.0.0","1.1.0","2.0.0-beta.8","2.0.0-beta.9","2.0.0-rc.9","v1.1.1","v1.1.10","v1.1.11","v1.1.12","v1.1.13","v1.1.14","v1.1.15","v1.1.2","v1.1.3","v1.1.4","v1.1.6","v1.1.8","v1.1.9","v1.10.1","v1.11.0","v1.11.1","v1.11.3","v1.11.4","v1.11.5","v1.11.6","v1.11.7","v1.12.0","v1.12.1","v1.12.2","v1.12.3","v1.12.4","v1.12.5","v1.13.0","v1.14.0","v1.14.1","v1.15.0","v1.15.1","v1.15.10","v1.15.11","v1.15.12","v1.15.13","v1.15.14","v1.15.15","v1.15.2","v1.15.3","v1.15.4","v1.15.5","v1.15.6","v1.15.7","v1.15.8","v1.15.9","v1.16.2","v1.16.4","v1.17.0","v1.17.3","v1.17.4","v1.17.5","v1.18.0","v1.18.1","v1.18.10","v1.18.11","v1.18.12","v1.18.14","v1.18.2","v1.18.3","v1.18.4","v1.18.5","v1.18.6","v1.18.7","v1.18.8","v1.18.9","v1.19.1","v1.19.2","v1.19.3","v1.19.5","v1.19.6","v1.19.7","v1.2.1","v1.2.2","v1.2.3","v1.20.2","v1.21.0","v1.22.0","v1.22.1","v1.22.10","v1.22.11","v1.22.12","v1.22.14","v1.22.15","v1.22.16","v1.22.18","v1.22.19","v1.22.2","v1.22.3","v1.22.5","v1.22.7","v1.22.8","v1.22.9","v1.23.0","v1.23.1","v1.23.10","v1.23.11","v1.23.12","v1.23.2","v1.23.4","v1.23.5","v1.23.6","v1.23.7","v1.23.8","v1.23.9","v1.24.0","v1.24.1","v1.24.2","v1.24.3","v1.24.4","v1.24.5","v1.24.6","v1.24.7","v1.25.0","v1.25.1","v1.25.10","v1.25.11","v1.25.12","v1.25.2","v1.25.3","v1.25.5","v1.25.6","v1.25.7","v1.25.8","v1.25.9","v1.26.0","v1.26.1","v1.26.2","v1.26.3","v1.26.4","v1.26.5","v1.26.6","v1.26.7","v1.26.8","v1.27.0","v1.27.1","v1.27.2","v1.27.3","v1.27.4","v1.27.5","v1.28.0","v1.29.0","v1.29.1","v1.29.2","v1.3.0","v1.3.1","v1.3.2","v1.3.3","v1.30.0","v1.30.1","v1.30.2","v1.31.0","v1.31.1","v1.31.2","v1.31.3","v1.31.4","v1.32.0","v1.33.0","v1.33.1","v1.33.2","v1.33.3","v1.33.4","v1.33.5","v1.33.6","v1.34.0","v1.34.1","v1.34.2","v1.34.3","v1.34.4","v1.34.5","v1.34.6","v1.35.0","v1.35.1","v1.35.2","v1.36.0","v1.36.1","v1.36.2","v1.37.0","v1.37.1","v1.37.2","v1.37.3","v1.37.4","v1.37.5","v1.37.6","v1.37.7","v1.38.0","v1.39.0","v1.39.1","v1.39.2","v1.4.0","v1.4.1","v1.40.0","v1.40.1","v1.40.2","v1.41.0","v1.41.1","v1.41.2","v1.41.3","v1.42.0","v1.42.1","v1.43.0","v1.43.1","v1.43.2","v1.44.0","v1.44.1","v1.44.2","v1.44.3","v1.44.4","v1.44.5","v1.44.6","v1.44.7","v1.45.0","v1.46.0","v1.47.0","v1.48.0","v1.48.1","v1.48.2","v1.49.0","v1.5.0","v1.5.1","v1.5.2","v1.50.0","v1.51.0","v1.52.0","v1.53.0","v1.54.0","v1.55.0","v1.56.0","v1.57.0","v1.58.0","v1.59.0","v1.6.0","v1.6.1","v1.6.2","v1.60.0","v1.60.1","v1.60.3","v1.60.4","v1.60.5","v1.60.6","v1.60.7","v1.60.8","v1.61.0","v1.62.0","v1.63.0","v1.63.1","v1.63.10","v1.63.11","v1.63.2","v1.63.3","v1.63.4","v1.63.5","v1.63.6","v1.63.7","v1.63.8","v1.63.9","v1.64.0","v1.65.0","v1.66.0","v1.67.0","v1.68.0","v1.7.0","v1.7.1","v1.7.10","v1.7.11","v1.7.12","v1.7.13","v1.7.15","v1.7.16","v1.7.17","v1.7.18","v1.7.19","v1.7.2","v1.7.3","v1.7.4","v1.7.5","v1.7.6","v1.7.7","v1.7.8","v1.7.9","v1.70.0","v1.8.0","v1.8.1","v1.8.10","v1.8.11","v1.8.12","v1.8.14","v1.8.17","v1.8.18","v1.8.2","v1.8.20","v1.8.21","v1.8.22","v1.8.23","v1.8.24","v1.8.25","v1.8.26","v1.8.27","v1.8.3","v1.8.4","v1.8.5","v1.8.6","v1.8.7","v1.8.8","v1.8.9","v1.9.0","v1.9.1","v1.9.2","v1.9.3","v1.9.4","v1.9.5","v1.9.6","v1.9.7","v1.9.8","v1.9.9","v2.0.0-beta.1","v2.0.0-beta.10","v2.0.0-beta.2","v2.0.0-beta.3","v2.0.0-beta.4","v2.0.0-beta.5","v2.0.0-beta.6","v2.0.0-beta.7","v2.0.0-beta.8","v2.0.0-rc.1","v2.0.0-rc.11","v2.0.0-rc.12","v2.0.0-rc.13","v2.0.0-rc.14","v2.0.0-rc.15","v2.0.0-rc.16","v2.0.0-rc.17","v2.0.0-rc.18","v2.0.0-rc.19","v2.0.0-rc.2","v2.0.0-rc.20","v2.0.0-rc.21","v2.0.0-rc.22","v2.0.0-rc.23","v2.0.0-rc.24","v2.0.0-rc.25","v2.0.0-rc.26","v2.0.0-rc.27","v2.0.0-rc.28","v2.0.0-rc.29","v2.0.0-rc.3","v2.0.0-rc.30","v2.0.0-rc.31","v2.0.0-rc.32","v2.0.0-rc.33","v2.0.0-rc.34","v2.0.0-rc.35","v2.0.0-rc.36","v2.0.0-rc.37","v2.0.0-rc.38","v2.0.0-rc.39","v2.0.0-rc.4","v2.0.0-rc.40","v2.0.0-rc.41","v2.0.0-rc.42","v2.0.0-rc.43","v2.0.0-rc.5","v2.0.0-rc.6","v2.0.0-rc.7","v2.0.0-rc.8","v2.0.0-rc.9","v2.1.0","v2.1.0-rc.1","v2.1.0-rc.11","v2.1.0-rc.13","v2.1.0-rc.14","v2.1.0-rc.15","v2.1.0-rc.16","v2.1.0-rc.17","v2.1.0-rc.18","v2.1.0-rc.2","v2.1.0-rc.3","v2.1.0-rc.7","v2.1.0-rc.8","v2.1.0-rc.9","v2.2.0","v2.2.0-rc.1","v2.2.0-rc.2","v2.2.1","v2.2.1-rc.1","v2.2.1-rc.2","v2.2.2-rc.1","v2.2.2-rc.2","v2.2.3","v2.2.3-rc.10","v2.2.3-rc.11","v2.2.3-rc.3","v2.2.3-rc.4","v2.2.3-rc.5","v2.2.3-rc.6","v2.2.3-rc.7","v2.2.3-rc.8","v2.2.3-rc.9","v2.2.4-rc.1","v2.21.4","v2.3.0","v2.3.0-rc.1","v2.3.0-rc.11","v2.3.0-rc.12","v2.3.0-rc.13","v2.3.0-rc.14","v2.3.0-rc.15","v2.3.0-rc.16","v2.3.0-rc.17","v2.3.0-rc.3","v2.3.0-rc.4","v2.3.0-rc.5","v2.3.0-rc.6","v2.3.0-rc.7","v2.3.0-rc.8","v2.3.0-rc.9","v2.3.1","v2.3.1-rc.1","v2.3.2","v2.3.2-rc.1","v2.3.2-rc.2","v2.3.2-rc.3","v2.3.3","v2.3.3-rc.1","v2.3.3-rc.2","v2.3.3-rc.3","v2.4.0-rc.1","v2.4.0-rc.2","v2.5.0-rc.1","v2.5.0-rc.2","v2.5.0-rc.3","v2.5.0-rc.4","v2.5.0-rc.5","v2.5.0-rc.6","v2.5.0-rc.7","v2.5.0-rc.8","v3.0.0-rc.1","v3.0.0-rc.10","v3.0.0-rc.11","v3.0.0-rc.2","v3.0.0-rc.3","v3.0.0-rc.4","v3.0.0-rc.5","v3.0.0-rc.6","v3.0.0-rc.7","v3.0.0-rc.8","v3.0.0-rc.9","v3.1.0-rc.4","v3.1.0-rc.5","v3.4.0","v3.4.0-rc.1","v3.4.0-rc.10","v3.4.0-rc.11","v3.4.0-rc.12","v3.4.0-rc.13","v3.4.0-rc.14","v3.4.0-rc.15","v3.4.0-rc.16","v3.4.0-rc.17","v3.4.0-rc.18","v3.4.0-rc.19","v3.4.0-rc.2","v3.4.0-rc.3","v3.4.0-rc.4","v3.4.0-rc.5","v3.4.0-rc.6","v3.4.0-rc.7","v3.4.0-rc.8","v3.4.0-rc.9","v3.4.1-rc.1","v3.4.1-rc.2","v3.4.1-rc.3","v3.4.1-rc.4","v3.5.0","v3.5.0-rc.1","v3.5.0-rc.2","v3.5.0-rc.3","v3.5.0-rc.4","v3.5.0-rc.5","v3.5.0-rc.6","v3.5.1","v3.5.1-rc.1","v3.5.1-rc.2","v3.5.1-rc.3","v3.5.1-rc.4","v3.5.2","v3.5.2-rc.1","v3.5.2-rc.2","v3.5.2-rc.3","v3.5.2-rc.4","v3.5.3","v3.5.3-rc.1","v3.5.3-rc.2","v3.5.3-rc.3","v3.5.4","v3.5.4-rc.1","v3.5.4-rc.2","v3.5.4-rc.3","v3.5.5","v3.5.5-rc.1","v3.5.5-rc.2","v3.5.5-rc.3","v3.5.6","v3.5.6-rc.1","v3.5.6-rc.2","v3.5.7-rc.1","v4.0.0","v4.0.0-rc.1","v4.0.0-rc.10","v4.0.0-rc.11","v4.0.0-rc.12","v4.0.0-rc.13","v4.0.0-rc.14","v4.0.0-rc.15","v4.0.0-rc.16","v4.0.0-rc.17","v4.0.0-rc.18","v4.0.0-rc.19","v4.0.0-rc.2","v4.0.0-rc.20","v4.0.0-rc.21","v4.0.0-rc.22","v4.0.0-rc.23","v4.0.0-rc.24","v4.0.0-rc.25","v4.0.0-rc.26","v4.0.0-rc.27","v4.0.0-rc.29","v4.0.0-rc.3","v4.0.0-rc.30","v4.0.0-rc.31","v4.0.0-rc.32","v4.0.0-rc.33","v4.0.0-rc.4","v4.0.0-rc.5","v4.0.0-rc.6","v4.0.0-rc.7","v4.0.0-rc.8","v4.0.0-rc.9","v4.1.0-rc.1","v4.1.0-rc.2","v4.1.0-rc.3","v4.1.0-rc.4","v4.2.0","v4.2.0-rc.1","v4.2.0-rc.2","v4.2.0-rc.3","v4.2.0-rc.4","v4.2.0-rc.5","v4.2.0-rc.6","v4.2.1-rc.1","v4.2.1-rc.3","v4.2.1-rc.4","v4.2.1-rc.5","v4.3.0","v4.3.0-rc.10","v4.3.0-rc.11","v4.3.0-rc.12","v4.3.0-rc.13","v4.3.0-rc.14","v4.3.0-rc.15","v4.3.0-rc.16","v4.3.0-rc.17","v4.3.0-rc.18","v4.3.0-rc.19","v4.3.0-rc.2","v4.3.0-rc.20","v4.3.0-rc.21","v4.3.0-rc.22","v4.3.0-rc.23","v4.3.0-rc.24","v4.3.0-rc.25","v4.3.0-rc.26","v4.3.0-rc.27","v4.3.0-rc.28","v4.3.0-rc.29","v4.3.0-rc.3","v4.3.0-rc.30","v4.3.0-rc.31","v4.3.0-rc.32","v4.3.0-rc.33","v4.3.0-rc.34","v4.3.0-rc.35","v4.3.0-rc.36","v4.3.0-rc.37","v4.3.0-rc.38","v4.3.0-rc.4","v4.3.0-rc.5","v4.3.0-rc.6","v4.3.0-rc.7","v4.3.0-rc.8","v4.3.0-rc.9","v4.4.0","v4.4.0-rc.1","v4.4.0-rc.12","v4.4.0-rc.13","v4.4.0-rc.14","v4.4.0-rc.15","v4.4.0-rc.16","v4.4.0-rc.17","v4.4.0-rc.18","v4.4.0-rc.19","v4.4.0-rc.2","v4.4.0-rc.20","v4.4.0-rc.21","v4.4.0-rc.22","v4.4.0-rc.23","v4.4.0-rc.24","v4.4.0-rc.25","v4.4.0-rc.26","v4.4.0-rc.27","v4.4.0-rc.28","v4.4.0-rc.29","v4.4.0-rc.3","v4.4.0-rc.30","v4.4.0-rc.31","v4.4.0-rc.32","v4.4.0-rc.33","v4.4.0-rc.34","v4.4.0-rc.35","v4.4.0-rc.36","v4.4.0-rc.37","v4.4.0-rc.38","v4.4.0-rc.4","v4.4.0-rc.5","v4.4.0-rc.6","v4.4.0-rc.7","v4.4.0-rc.8","v4.4.0-rc.9","v4.4.1-rc.1","v4.4.2","v4.4.2-rc.1","v4.4.2-rc.2","v4.4.2-rc.3","v4.4.2-rc.4","v4.4.2-rc.5","v4.4.2-rc.6","v4.4.2-rc.7","v4.4.3-rc.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-67718.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"}]}