CVE-2026-28496 | FOSSBilling up to 0.7.x API Endpoint /api/system special elements used in a template engine (GHSA-57mv-jm88-66jc)

Inserito da Angelo Barbosa | Giu 23, 2026 | CVE

A vulnerability was found in FOSSBilling up to 0.7.x. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the file /api/system of the component API Endpoint. The manipulation leads to improper neutralization of special elements used in a template engine.

This vulnerability is documented as CVE-2026-28496. The attack can be initiated remotely. There is not any exploit available.

Upgrading the affected component is advised.

CVE-2026-28496 | FOSSBilling up to 0.7.x API Endpoint /api/system special elements used in a template engine (GHSA-57mv-jm88-66jc)

Post correlati

CVE-2024-42741 | TOTOLINK X5000r 9.1.0cu.2350_b20230313 /cgi-bin/cstecgi.cgi setL2tpServerCfg os command injection

CVE-2021-34962 | Foxit PDF Editor 11.0.0.49893 Caret Annotation use after free (ZDI-21-1193)

CVE-2026-42584 | netty netty-codec-http up to 4.1.133.Final/4.2.13.Final queue.poll request smuggling

CVE-2025-0611 | Google Chrome up to 132.0.6834.83 V8 heap-based overflow