PT-2026-5308 · Unknown · Bdtask Saleserp
4M3Rr0R · Published 2026-01-29 · Updated 2026-02-20 · CVE-2026-1597
CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Bdtask SalesERP versions prior to 20260116
Description
A security issue exists in Bdtask SalesERP related to improper authorization. The issue affects processing within the Administrative Endpoint component. Manipulation of the ci session argument can lead to unauthorized access. The exploit has been publicly disclosed, and the vendor was informed but did not respond.
Recommendations
Update Bdtask SalesERP to a version later than 20260116.
Exploit
Fix
Improper Authorization
Incorrect Privilege Assignment
Related Identifiers
Affected Products
Bdtask Saleserp