Security Advisory

CVE-2020-36948

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-01-27 15:23:50

Last updated 2026-03-05 01:27:04

Assigner VulnCheck

State PUBLISHED

Description

VestaCP 0.9.8-26 contains a session token vulnerability in the LoginAs module that allows remote attackers to manipulate authentication tokens. Attackers can exploit insufficient token validation to access user accounts and perform unauthorized login requests without proper administrative permissions.

← Browse all CVEs View on cve.org ↗