CVE-2026-30760 | THREATINT

Description

An issue in SourceBans Material Admin before v.1.1.6 (3ecd95e) allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call.

PUBLISHED Reserved 2026-03-04 | Published 2026-05-28 | Updated 2026-05-29 | Assigner mitre

References

gist.github.com/ng-dst/ca6663a4107fd39eaba1be2cb1d52b51

github.com/SB-MaterialAdmin/Web

github.com/SB-MaterialAdmin/Web/issues/374

gist.github.com/ng-dst/450b698433f628990921f1e5ab46ff8c

cve.org (CVE-2026-30760)

nvd.nist.gov (CVE-2026-30760)

Download JSON