CVE-2026-1879 Harvard University IQSS Dataverse Theme Customization ThemeAndWidgets.xhtml unrestricted upload

🗓️ 01 Apr 2026 10:00:10Reported by VulDBType

CVE-2026-1879 allows unrestricted upload via ThemeAndWidgets.xhtml in Dataverse; upgrade to version 6.10.

Reporter	Title	Published	Views	Family All 9
ATTACKERKB	CVE-2026-1879	1 Apr 202610:00	–	attackerkb
Circl	CVE-2026-1879	1 Apr 202612:13	–	circl
CNNVD	Dataverse 代码问题漏洞	1 Apr 202600:00	–	cnnvd
CVE	CVE-2026-1879	1 Apr 202610:00	–	cve
EUVD	EUVD-2026-17851	1 Apr 202612:31	–	euvd
NVD	CVE-2026-1879	1 Apr 202610:16	–	nvd
Positive Technologies	PT-2026-29508	1 Apr 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-1879	2 Apr 202610:53	–	redhatcve
Vulnrichment	CVE-2026-1879 Harvard University IQSS Dataverse Theme Customization ThemeAndWidgets.xhtml unrestricted upload	1 Apr 202610:00	–	vulnrichment

[
  {
    "vendor": "Harvard University",
    "product": "IQSS Dataverse",
    "versions": [
      {
        "version": "6.0",
        "status": "affected"
      },
      {
        "version": "6.1",
        "status": "affected"
      },
      {
        "version": "6.2",
        "status": "affected"
      },
      {
        "version": "6.3",
        "status": "affected"
      },
      {
        "version": "6.4",
        "status": "affected"
      },
      {
        "version": "6.5",
        "status": "affected"
      },
      {
        "version": "6.6",
        "status": "affected"
      },
      {
        "version": "6.7",
        "status": "affected"
      },
      {
        "version": "6.8",
        "status": "affected"
      },
      {
        "version": "6.10",
        "status": "unaffected"
      }
    ],
    "modules": [
      "Theme Customization"
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/vuln/354616/cti
github	www.github.com/IQSS/dataverse/releases/tag/v6.10
vuldb	www.vuldb.com/submit/749003
gist	www.gist.github.com/KaiqueFerreiraPeres/ba039887d7f894a7c38252314e0ef2cc
vuldb	www.vuldb.com/vuln/354616

01 Apr 2026 10:00Current

CVSS 45.3

CVSS 3.16.3

CVSS 36.3

CVSS 26.5

EPSS0.00018