CVE-2018-18531 in Katcha

orbeon / orbeon-forms

Orbeon Forms is an open source web forms solution. It includes an XForms engine, the Form Builder web-based form editor, and the Form Runner runtime.

http://www.orbeon.com/

GNU Lesser General Public License v2.1

511 stars 220 forks source link

CVE-2018-18531 in Katcha #6382

Closed avernet closed 2 weeks ago

avernet commented 2 weeks ago

https://nvd.nist.gov/vuln/detail/CVE-2018-18531

+1 from customer

avernet commented 2 weeks ago

We now have our own fork of Kaptcha (https://github.com/orbeon/kaptcha), from which we publish a package with GitHub Packages that includes a fix for this CVE. We reference this package in the Orbeon Forms build.sbt.