PT-2026-2862 · Bluvoyix · Bluvoyix
Eaton Zveare
·
Publicado
2026-01-14
·
Atualizado
2026-01-14
·
CVE-2026-22239
CVSS v4.0
10
Crítica
| Vetor | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/RE:H/U:Amber |
Name of the Vulnerable Software and Affected Versions
BLUVOYIX (affected versions not specified)
Description
A design flaw in the email sending API of BLUVOYIX allows an unauthenticated remote attacker to send specially crafted HTTP requests to the vulnerable API. Successful exploitation could enable the attacker to send unsolicited emails to any recipient on behalf of the company. The vulnerable API endpoint is the email sending API. The attack involves sending crafted HTTP requests.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Resource Exhaustion
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Bluvoyix