CVE-2026-30689

High CVSS: 7.5

A blog.admin v.8.0 and before system's getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security.

Vendor

Anjoy8

Product

Blog.admin

CWE

CWE-284

Yayın Tarihi

2026-03-27 15:16:53

Güncelleme

2026-04-02 19:57:44

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-284 Blog.admin HIGH Anjoy8 2026

Referanslar

http://blagadmin.com https://gist.github.com/Sw3092567023/c420c6a5ee947d72aeab2b3e0ba92a40 https://github.com/anjoy8/Blog.Core