Metrics
Affected Vendors & Products
Fri, 17 Jul 2026 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in Blog.Core GetInfoByToken Endpoint Exposes Admin Credentials |
Tue, 14 Jul 2026 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via getinfobytoken API |
Sun, 12 Jul 2026 22:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via getinfobytoken API |
Sun, 12 Jul 2026 04:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Admin Credential Exposure via Vulnerable GetInfoByToken API |
Fri, 10 Jul 2026 12:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Admin Credential Exposure via Vulnerable GetInfoByToken API |
Thu, 09 Jul 2026 03:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via GetInfoByToken API in Blog.Core |
Wed, 08 Jul 2026 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via GetInfoByToken API in Blog.Core |
Tue, 07 Jul 2026 17:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via Blog.Core API |
Mon, 06 Jul 2026 13:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via Blog.Core API |
Mon, 06 Jul 2026 04:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via Blog.Core API |
Sun, 05 Jul 2026 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control Exposes Administrator Credentials via Blog.Core API |
Sat, 04 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in Blog.Core GetInfoByToken API Exposes Admin Credentials |
Fri, 03 Jul 2026 13:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in Blog.Core GetInfoByToken API Exposes Admin Credentials |
Thu, 02 Jul 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A blog.admin v.8.0 and before system's getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. | In Blog.Core through bcb4d17, the getinfobytoken API interface contains improper access control that leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. NOTE: Blog.Admin is related front-end code that does not offer an API service. |
| Weaknesses | CWE-863 | |
| References |
| |
| Metrics |
cvssV3_1
|
cvssV3_1
|
Fri, 03 Apr 2026 10:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in BlogAdmin GetInfoByToken API Exposes Administrator Credentials |
Thu, 02 Apr 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:anjoy8:blog.admin:8.0:*:*:*:*:*:*:* |
Mon, 30 Mar 2026 08:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in BlogAdmin GetInfoByToken API Exposes Administrator Credentials | |
| First Time appeared |
Anjoy8
Anjoy8 blog.admin |
|
| Vendors & Products |
Anjoy8
Anjoy8 blog.admin |
Sun, 29 Mar 2026 20:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in Blog.Admin getinfobytoken API Exposes Admin Credentials | |
| Weaknesses | CWE-200 CWE-285 |
Sat, 28 Mar 2026 03:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 | |
| Metrics |
cvssV3_1
|
Fri, 27 Mar 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Improper Access Control in Blog.Admin getinfobytoken API Exposes Admin Credentials | |
| Weaknesses | CWE-200 CWE-285 |
Fri, 27 Mar 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A blog.admin v.8.0 and before system's getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security. | |
| References |
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-05T01:29:51.969Z
Reserved: 2026-03-04T00:00:00.000Z
Link: CVE-2026-30689
Updated: 2026-03-27T20:31:54.015Z
Status : Analyzed
Published: 2026-03-27T15:16:53.620
Modified: 2026-06-17T10:32:52.410
Link: CVE-2026-30689
No data.
OpenCVE Enrichment
Updated: 2026-07-17T03:30:04Z