CVE-2026-4262

Publication date

2026-03-26 09:06:22

Family

INCIBE

State

PUBLISHED

Description

Vulnerability of incorrect authorization in HiJiffy Chatbot allows an attacker to download private messages from other users via the parameter ID in /api/v1/download//.