CVE-2026-3321

HIGH

Authorization Bypass in ON24 Q&A chat

Title source: cna

Description

A vulnerability of authorization bypass through user-controlled key in the 'console-survey/api/v1/answer/{EVENTID}/{TIMESTAMP}/' endpoint. Exploiting this vulnerability would allow an unauthenticated attacker to enumerate event IDs and obtain the complete Q&A history. This publicly exposed data may include IDs, private URLs, private messages, internal references, or other sensitive information that should only be exposed to authenticated users. In addition, the leaked content could be exploited to facilitate other malicious activities, such as reconnaissance for lateral movement, exploitation of related systems, or unauthorised access to internal applications referenced in the content of chat messages.

References (1)

https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-on24-qa-chat

Scores

CVSS v4 8.7

EPSS 0.0012

EPSS Percentile 31.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-639

Status published

Products (1)

ON24/ON24 Q&A chat

Published Mar 30, 2026

Tracked Since Mar 30, 2026