CVE-2026-40928 | WWBN AVideo up to 29.0 JSON Endpoint comments_like.json.php cross-site request forgery (GHSA-x2pw-9c38-cp2j)

Inserito da Angelo Barbosa | Apr 22, 2026 | CVE

A vulnerability was found in WWBN AVideo up to 29.0. It has been classified as problematic. Affected by this issue is some unknown functionality of the file objects/comments_like.json.php of the component JSON Endpoint. The manipulation leads to cross-site request forgery.

This vulnerability is documented as CVE-2026-40928. The attack can be initiated remotely. There is not any exploit available.

It is suggested to install a patch to address this issue.

CVE-2026-40928 | WWBN AVideo up to 29.0 JSON Endpoint comments_like.json.php cross-site request forgery (GHSA-x2pw-9c38-cp2j)

Post correlati

CVE-2024-34585 | Samsung Devices up to SMR Feb-2021 Release 1 SystemUI access control

CVE-2024-36934 | Linux Kernel up to 6.8.9 bna memdup_user_nul null termination

CVE-2020-26627 | Hospital Management System 4.0 Admin Remark sql injection (ID 176302)

CVE-2024-40084 | Vilo Mesh WiFi System up to 5.16.1.33 Boa Webserver buffer overflow