CVE-2025-55797

6.5 MEDIUM

📋 TL;DR

An improper access control vulnerability in FormCms v0.5.4 allows unauthenticated attackers to access historical schema data through the /api/schemas/history/[schemaId] endpoint if they can guess or obtain valid schema IDs. This affects all deployments of FormCms v0.5.4 with the vulnerable endpoint exposed.

💻 Affected Systems

Products:
  • FormCms
Versions: v0.5.4
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects deployments with the /api/schemas/history/ endpoint accessible. Default installations are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could exfiltrate all historical schema data, including potentially sensitive form configurations, metadata, and previous versions of schemas containing user data structures.

🟠 Likely Case

Unauthorized access to historical schema versions, revealing form structure changes, metadata, and potentially sensitive configuration details.

🟢 If Mitigated

No data exposure with proper authentication and authorization controls in place.

🌐 Internet-Facing: HIGH - Unauthenticated access to potentially sensitive historical data with simple enumeration attacks.
🏢 Internal Only: MEDIUM - Still vulnerable to internal attackers or compromised accounts, but attack surface is reduced.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires guessing or obtaining valid schema IDs, which could be enumerated through predictable patterns or other information leaks.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v0.5.5 or later

Vendor Advisory: https://github.com/FormCms/FormCms

Restart Required: No

Instructions:

1. Update FormCms to v0.5.5 or later.
2. Pull the latest changes from the GitHub repository.
3. Deploy the updated code.
4. Verify the fix by testing the endpoint.

🔧 Temporary Workarounds

Block Unauthenticated Access

Platform: all

Implement authentication middleware or access controls on the /api/schemas/history/ endpoint

# Add authentication check in route handler or middleware
# Example for Express.js: app.use('/api/schemas/history/', authenticateMiddleware)

Network Access Control

Platform: linux

Restrict access to the API endpoint using firewall rules or network segmentation

# Example iptables rule: iptables -A INPUT -p tcp --dport [API_PORT] -s [TRUSTED_NETWORK] -j ACCEPT
# iptables -A INPUT -p tcp --dport [API_PORT] -j DROP

🧯 If You Can't Patch

  • Implement strong authentication and authorization checks for all API endpoints
  • Monitor and log all access to the /api/schemas/history/ endpoint for suspicious activity

🔍 How to Verify

Check if Vulnerable:

Attempt to access /api/schemas/history/[valid_schema_id] without authentication. If historical data is returned, the system is vulnerable.

Check Version:

Check package.json or FormCms version file for version number

Verify Fix Applied:

After patching, attempt the same unauthenticated access. The request should return a 401/403 error or no data.

📡 Detection & Monitoring

Log Indicators:

  • Multiple 200 OK responses to /api/schemas/history/ from unauthenticated users
  • Unusual access patterns to schema history endpoints

Network Indicators:

  • Unencrypted API calls to schema history endpoints
  • Bursts of requests to sequential schema IDs

SIEM Query:

source="web_server" AND (uri_path="/api/schemas/history/*" AND NOT user_authenticated="true")
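A small detector that applies the two indicators above (unauthenticated 200 OK responses, and one client walking sequential schema IDs) to constructed sample log lines. This is an added example, not part of the advisory or the FormCms project; the log format with an explicit auth field is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample log lines (not real FormCms logs): timestamp, client IP,
# auth state ("anon" or "user:<name>"), method, path, HTTP status.
SAMPLE_LOG = """\
2025-08-10T10:00:01Z 203.0.113.7 anon GET /api/schemas/history/41 200
2025-08-10T10:00:02Z 203.0.113.7 anon GET /api/schemas/history/42 200
2025-08-10T10:00:02Z 203.0.113.7 anon GET /api/schemas/history/43 200
2025-08-10T10:00:03Z 203.0.113.7 anon GET /api/schemas/history/44 200
2025-08-10T10:00:05Z 198.51.100.9 user:admin GET /api/schemas/history/41 200
2025-08-10T10:00:06Z 203.0.113.7 anon GET /api/schemas/history/9999 404
2025-08-10T10:00:07Z 198.51.100.9 anon GET /api/schemas/history/7 200
"""

# Only requests to the schema history endpoint are of interest here.
LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<ip>\S+) (?P<auth>\S+) (?P<method>\S+) "
    r"(?P<path>/api/schemas/history/(?P<sid>\d+)) (?P<status>\d{3})$"
)

def parse(log_text):
    """Yield one dict per schema-history request; other lines are ignored."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            d = m.groupdict()
            d["sid"] = int(d["sid"])
            d["status"] = int(d["status"])
            yield d

def unauth_success(events):
    """Log indicator: 200 OK to the history endpoint without an authenticated user."""
    return [e for e in events if e["auth"] == "anon" and e["status"] == 200]

def sequential_bursts(events, min_run=3):
    """Network indicator: longest run of consecutive schema IDs per client IP."""
    by_ip = defaultdict(list)
    for e in events:
        by_ip[e["ip"]].append(e["sid"])
    hits = {}
    for ip, sids in by_ip.items():
        run, best = 1, 1
        for a, b in zip(sids, sids[1:]):
            run = run + 1 if b == a + 1 else 1
            best = max(best, run)
        if best >= min_run:
            hits[ip] = best
    return hits

def analyze(log_text):
    """Summarise both indicators for a log excerpt."""
    events = list(parse(log_text))
    return {"unauth_200": len(unauth_success(events)),
            "enumerating_ips": sequential_bursts(events)}
```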
