Search Results (1 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-30689 1 Anjoy8 1 Blog.admin 2026-07-02 4.3 Medium
In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end code that does not offer an API service.