Bgermann · Cformsii · CVE-2026-39436
**Name of the Vulnerable Software and Affected Versions**
CformsII versions prior to 15.1.4
**Description**
Cross-Site Request Forgery (CSRF) in bgermann CformsII allows an attacker to perform unauthorized actions on behalf of a user. CSRF is a flaw where a malicious website tricks a user's browser into sending an unwanted request to a different website where the user is authenticated.
**Recommendations**
Update to a version newer than 15.1.3.