A vulnerability has been found in Outline up to 1.4.x and classified as problematic. This affects an unknown part of the component API Endpoint. Performing a manipulation results in information disclosure.
This vulnerability is known as CVE-2026-28506. Remote exploitation of the attack is possible. No exploit is available.
The affected component should be upgraded.
![CVE-2025-10762 | kuaifan DooTask up to 1.2.49 UsersController.php keys[department] sql injection (Issue 283)](https://update.cybetower.swiss/wp-content/themes/Extra/images/post-format-thumb-text.svg)