Security Advisory

CVE-2026-2552

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-02-16 11:02:05

Last updated 2026-02-23 10:08:48

Assigner VulDB

State PUBLISHED

Description

A vulnerability was identified in ZenTao up to 21.7.8. Affected by this issue is the function delete of the file editor/control.php of the component Committer. Such manipulation of the argument filePath leads to path traversal. Upgrading to version 21.7.9 can resolve this issue. The affected component should be upgraded.

← Browse all CVEs View on cve.org ↗