PT-2026-20476 · Newsbee · Newbee-Mall

Flashzyc

Publicado

2026-02-18

Atualizado

2026-02-24

CVE-2026-2658

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions newbee-ltd newbee-mall (affected versions not specified)

Description A flaw exists in newbee-ltd newbee-mall. This issue involves a function within the Multiple Endpoints component that can be exploited to perform cross-site request forgery. Remote exploitation is possible. The exploit has been publicly released. The project was notified of the issue but has not yet responded.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

CSRF

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-352CWE-862

Identificadores relacionados

CVE-2026-2658

Produtos afetados

Newbee-Mall

PT-2026-20476 · Newsbee · Newbee-Mall

CVE-2026-2658

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 19