Vulnerabilities

CVE-2026-31381

by Fred · 20/03/2026

An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL.

More information : http://www.rapid7.com/blog/post/ve-cve-2026-31381-cve-2026-31382-gainsight-assist-information-disclosure-xss-fixed

Similar

Tags: Cybersecurity Alert