CVE-2026-35452 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file witho…
Medium CVSS: 5.3

CVE-2026-35452

WWBN AVideo is an open source video platform. In versions 26.0 and prior, the plugin/CloneSite/client.log.php endpoint serves the clone operation log file without any authentication. Every other endpoint in the CloneSite plugin directory enforces User::isAdmin(). The log contains internal filesystem paths, remote server URLs, and SSH connection metadata.
Vendor
-
Product
-
CWE
CWE-200
Yayın Tarihi
2026-04-06 22:16:23
Güncelleme
2026-04-06 22:16:23
Source Identifier
security-advisories@github.com
KEV Date Added
-

Kategoriler

CWE-200 MEDIUM 2026

Referanslar

https://github.com/WWBN/AVideo/security/advisories/GHSA-99j6-hj87-6fcf