CVE-2025-11443 | JhumanJ OpnForm up to 1.9.3 Forgotten Password /api/password/email information exposure

A vulnerability has been found in JhumanJ OpnForm up to 1.9.3 and classified as problematic. This affects an unknown function of the file /api/password/email of the component Forgotten Password Handler. This manipulation causes information exposure through discrepancy.

The identification of this vulnerability is CVE-2025-11443. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

This issue is currently aligned with Laravel issue #46465, which is why no mitigation action was taken.VulDB Recent EntriesRead More