CVE-2026-4263

Medium CVSS: 6.9

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter
'visitor' in '/api/v1/webchat/message'.

Vendor

Product

CWE

CWE-863

Yayın Tarihi

2026-03-26 10:16:26

Güncelleme

2026-03-26 15:13:15

Source Identifier

cve-coordination@incibe.es

KEV Date Added

Kategoriler

CWE-863 MEDIUM 2026

Referanslar

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-hijiffy-chatbot