PT-2026-5268 · Unknown · Open Security Issue Management
Moritz Oehrlein
·
Published
2026-01-29
·
Updated
2026-03-10
·
CVE-2026-1616
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Open Security Issue Management (OSIM) versions prior to 2025.9.0
Description
A path traversal issue exists in Open Security Issue Management (OSIM) due to the concatenation of
$uri$args` within the nginx configuration file. This allows attackers to potentially access unauthorized files through crafted query parameters.Recommendations
Update to version 2025.9.0 or later.
Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open Security Issue Management