Security Advisory

CVE-2026-32969

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-03-23 11:16:22

Last updated 2026-03-23 16:01:30

Assigner CERTVDE

State PUBLISHED

Description

An unauthenticated remote attacker can exploit a Pre-Auth blind SQL Injection vulnerability in the userinfo endpoint’s authentication method due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

← Browse all CVEs View on cve.org ↗