CVE-2026-7189
HIGH
7.5
CVSS 3.1
Description
Insertion of sensitive information into sent data vulnerability in Proliz Software Ltd. Co. Proliz's OBS allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects Proliz's OBS: before v3.6.0.
Metadata
Severity & Metrics
7.5
HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| Proliz Software Ltd. Co. | Proliz's OBS | — | 0 < v3.6.0 |
Weakness (CWE)
| CWE | Source | Description |
|---|---|---|
| CWE-201 | cna | CWE-201 Insertion of sensitive information into sent data |
CVSS scores (1)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 7.5 | HIGH | 3.1 | cna | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |