CVE-2026-42276 | Onyx up to 3.0.8/3.1.5/3.2.5 Endpoint /chat/stop-chat-session/ authorization (GHSA-rw6w-hp62-gc8w)

Inserito da Angelo Barbosa | Mag 8, 2026 | CVE

A vulnerability marked as problematic has been reported in Onyx up to 3.0.8/3.1.5/3.2.5. Affected is an unknown function of the file /chat/stop-chat-session/ of the component Endpoint. The manipulation leads to authorization bypass.

This vulnerability is traded as CVE-2026-42276. It is possible to initiate the attack remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-42276 | Onyx up to 3.0.8/3.1.5/3.2.5 Endpoint /chat/stop-chat-session/ authorization (GHSA-rw6w-hp62-gc8w)

Post correlati

CVE-2024-8538 | Big File Uploads Plugin up to 2.1.2 on WordPress information disclosure

CVE-2026-8255 | Devs Palace ERP Online up to 4.0.0 add_new_customer cross site scripting

CVE-2024-25641 | Cacti up to 1.2.26 Package Import /lib/import.php import_package code injection

CVE-2024-9673 | Piotnet Addons For Elementor Plugin up to 2.4.31 on WordPress cross site scripting