anjoy8

1 exploit Active since Mar 2026
CVE-2026-30689 WRITEUP MEDIUM WRITEUP
blog.admin <= 8.0 - Sensitive Data Exposure via getinfobytoken API
In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end code that does not offer an API service.
CVSS 4.3