Back to overview

CVE-2026-7488

HIGH
7.5
CVSS 3.1
Description
Insertion of sensitive information into sent data vulnerability in IKAS Technology Inc. E-Commerce allows Retrieve Embedded Sensitive Data. This issue affects E-Commerce: through 03062026.

Metadata

CVE ID
CVE-2026-7488
State
PUBLISHED
Assigner
TR-CERT
Reserved
2026-04-30 08:35 UTC
Published
2026-07-17 13:07 UTC
Last updated
2026-07-17 13:55 UTC
Primary CWE
CWE-201
CWE-201 Insertion of sensitive information into sent data
Vendor / Product
IKAS Technology Inc. / E-Commerce
Sources
cve.org  ·  NVD

Severity & Metrics

7.5 HIGH CVSS 3.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Exploitation
none
Automatable
yes
Tech. Impact
partial
Affected products (1)
VendorProductPlatformVersions
IKAS Technology Inc. E-Commerce 0 ≤ 03062026
Weakness (CWE)
CWESourceDescription
CWE-201 cna CWE-201 Insertion of sensitive information into sent data
CVSS scores (1)
ScoreSeverityVersionSourceVector
7.5 HIGH 3.1 cna CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Back to overview