PT-2026-5308 · Unknown · Bdtask Saleserp
4M3Rr0R
Published: 2026-01-29
Updated: 2026-02-20
CVE-2026-1597
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Bdtask SalesERP versions prior to 20260116
Description
A security issue exists in Bdtask SalesERP related to improper authorization. The issue affects processing within the Administrative Endpoint component. Manipulation of the ci session argument can lead to unauthorized access. The exploit has been publicly disclosed, and the vendor was informed but did not respond.
Recommendations
Update Bdtask SalesERP to a version later than 20260116.
Exploit
Fix
Improper Authorization
Incorrect Privilege Assignment
Related identifiers
Affected products
Bdtask Saleserp