Vulnerability Details CVE-2026-21626
Access control settings for forum post custom fields are not applied to the JSON output type, leading to an ACL violation vector an information disclosure
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2026-21626
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9248
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9289
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9304
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9385
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9422
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9463
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9505
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9519
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9534
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9599
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9676
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9740
-
cpe:2.3:a:stackideas:easydiscuss:3.2.9744
-
cpe:2.3:a:stackideas:easydiscuss:4.0.2
-
cpe:2.3:a:stackideas:easydiscuss:4.0.20
-
cpe:2.3:a:stackideas:easydiscuss:4.0.21
-
cpe:2.3:a:stackideas:easydiscuss:4.0.8
-
cpe:2.3:a:stackideas:easydiscuss:5.0.10