PT-2026-29595 · Pyload · Pyload
Arkmarta
+1
·
Published
2026-04-01
·
Updated
2026-04-02
·
CVE-2026-34747
CVSS v3.1
8.5
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Payload versions prior to 3.79.1
Description
Payload, a headless content management system, had insufficient input validation in certain requests. This allowed attackers to manipulate SQL query execution, potentially leading to data exposure or modification in collections.
Recommendations
Upgrade to version 3.79.1 or later.
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pyload