CVE-2026-8054 | dotCMS up to 26.04.28-02 Publish Audit API Endpoint /api/auditPublishing/get sql injection

Inserito da Angelo Barbosa | Mag 27, 2026 | CVE

A vulnerability has been found in dotCMS up to 26.04.28-02 and classified as critical. This affects an unknown part of the file /api/auditPublishing/get of the component Publish Audit API Endpoint. The manipulation leads to sql injection.

This vulnerability is referenced as CVE-2026-8054. Remote exploitation of the attack is possible. No exploit is available.

The affected component should be upgraded.

CVE-2026-8054 | dotCMS up to 26.04.28-02 Publish Audit API Endpoint /api/auditPublishing/get sql injection

Post correlati

CVE-2025-14078 | PAYGENT for WooCommerce Plugin up to 2.4.6 on WordPress Payment Call check paygent_check_webhook authorization

CVE-2024-0283 | Kashipara Food Management System up to 1.0 party_details.php party_name cross site scripting

CVE-2025-44831 | EngineerCMS up to 2.0.5 /project/addproject sql injection

CVE-2024-45522 | Linen Setting Privilege Escalation