Security Advisory

CVE-2023-26261

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-08 00:00:00

Last updated 2025-03-05 18:36:13

Assigner mitre

State PUBLISHED

Description

In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.

← Browse all CVEs View on cve.org ↗