2 matches found
CVE-2026-56843
creationtimestamp| type| source ---|---|--- 2026-07-08 01:30:26+00:00| seen| https://infosec.exchange/users/offseq/statuses/116881766886443952 2026-07-08 01:30:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mq3xtwsr2j2i 2026-07-08 01:50:31+00:00| seen|...
CVE-2026-56843
WebPros Plesk (XML-RPC API) prior to 18.0.78.4 has an incorrect authorization flaw that lets a low-privileged, authenticated user look up domains they do not own. Ownership checks apply only to some lookup filters, and legacy protocol versions bypass schema validation, enabling cross-tenant discl...