CVE-2026-11442

CVE-2026-11442 affects Allegra, via the exportReport method. The vulnerability arises from inadequate validation of a user-supplied path used in file operations, enabling an attacker to disclose sensitive information with the service account’s context. The CVE notes a directory traversal and info...

PT-2026-49051

Allegra exportReport Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the...