CVE-2026-49396 | nezhahq nezha up to 2.0.13 GET Request cross-site request forgery (GHSA-8qhj-4f8c-j8qg)

Inserito da Angelo Barbosa | Giu 13, 2026 | CVE

A vulnerability was found in nezhahq nezha up to 2.0.13 and classified as problematic. This affects an unknown part of the component GET Request Handler. Such manipulation leads to cross-site request forgery.

This vulnerability is traded as CVE-2026-49396. The attack may be launched remotely. There is no exploit available.

It is suggested to upgrade the affected component.

CVE-2026-49396 | nezhahq nezha up to 2.0.13 GET Request cross-site request forgery (GHSA-8qhj-4f8c-j8qg)

Post correlati

CVE-2024-24817 | Discourse discourse-calendar up to 0.3 Event Invite information disclosure

CVE-2024-12182 | DedeCMS 5.7.116 /member/soft_add.php body cross site scripting

CVE-2024-6202 | Halo Service Solutions HaloITSM up to 2.146.0 SAML XML Signature Wrapping authorization

CVE-2024-35757 | 5 Star Plugins Easy Age Verify Plugin up to 1.8.2 on WordPress cross site scripting