CVE-2026-38934 | THREATINT

Description

Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php

PUBLISHED Reserved 2026-04-06 | Published 2026-04-27 | Updated 2026-04-27 | Assigner mitre

References

github.com/...overdata-cve-writeups/blob/main/CVE-2026-38934 exploit

diskover-community.com

diskoverdata.com

github.com/...overdata-cve-writeups/blob/main/CVE-2026-38934

cve.org (CVE-2026-38934)

nvd.nist.gov (CVE-2026-38934)

Download JSON