3 matches found
CVE-2026-30689
In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end...
CVE-2026-30689
In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end...
CVE-2026-30689
CVE-2026-30689 affects Blog.Admin (v8.0 and earlier). The root cause is an improper access control in the system’s getinfobytoken API, allowing unauthorized parties with a valid token to obtain sensitive administrator account information. The vulnerability is described as leading to sensitive dat...