Vulnerability in N/a

CVE-2026-30689

A blog.admin v.8.0 and before system's getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token…

EPSS: 0.001 (18.2th percentile) — read the EPSS interpretation.