Security Advisory

CVE-2026-1698

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-26 07:58:00

Last updated 2026-03-26 08:25:09

Assigner arcinfo

State PUBLISHED

Description

A HTTP Host header attack vulnerability affects WebClient and the WebScheduler web apps of PcVue in version 15.0.0 through 16.3.3 included, allowing a remote attacker to inject harmful payloads that manipulate server-side behavior. This vulnerability only affects the endpoints /Authentication/ExternalLogin, /Authentication/AuthorizationCodeCallback and /Authentication/Logout of the WebClient and WebScheduler web apps.

← Browse all CVEs View on cve.org ↗