CVE-2026-30689

Publication date

2026-03-27 00:00:00

Family

mitre

State

PUBLISHED

Description

A blog.admin v.8.0 and before systems getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security.