CVE-2026-4262 | HiJiffy Chatbot Private Message /api/v1/download/ ID authorization

Inserito da Angelo Barbosa | Mar 26, 2026 | CVE

A vulnerability classified as problematic was found in HiJiffy Chatbot. This affects an unknown function of the file /api/v1/download/ of the component Private Message Handler. Such manipulation of the argument ID leads to incorrect authorization.

This vulnerability is referenced as CVE-2026-4262. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-4262 | HiJiffy Chatbot Private Message /api/v1/download/ ID authorization

Post correlati

CVE-2025-71216 | Trend Micro Apex One Security Agent Cache race condition

CVE-2024-47140 | Observium CE 24.4.13528 add_alert_check cross site scripting (TALOS-2024-2090)

CVE-2024-13848 | jakob42 Reaction Buttons Plugin up to 2.1.6 on WordPress Setting cross site scripting

CVE-2025-1348 | IBM Sterling B2B Integrator/Sterling File Gateway up to 6.1.2.6/6.2.0.4 web browser cache containing sensitive information