CVE-2026-45558 Roxy-WI: Authenticated RCE on every managed HAProxy load balancer via `option` field config injection in section save

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints POST /api/service/haproxy//section/ and the PUT / global / defaults variants accept a JSON option field that is not validated, not escaped, and ...

[20190701] - Core - Filter attribute in subform fields allows remote code execution

Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option...

[20180506] - Core - Filter field in com_fields allows remote code execution

Inadequate filtering allows users authorised to create custom fields to manipulate the filtering options and inject an unvalidated option...