Security Advisory

CVE-2026-31381

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-20 13:02:07
Last updated 2026-03-23 10:21:31
Assigner rapid7
State PUBLISHED

Description

An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL.

← Browse all CVEs View on cve.org ↗