CVE-2026-39250

HIGH CVSS 7.3 View on NVD ↗

Description

An authorization vulnerability exists in Innoshop 0.6.0. After logging into the frontend, an attacker can directly access backend application interfaces, leading to further dangerous operations.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

References

https://gist.github.com/hkdmh/4af513ea7589212cb1d49bc5d972972e
https://www.innoshop.com/

Published: May 19, 2026 21:16 UTC Modified: May 20, 2026 14:25 UTC