Vulnerability Description
A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the component Security API. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Go2Ismail | Asp.Net-Core-Inventory-Order-Management-System | <= 9.20250118 |
Related Weaknesses (CWE)
References
- https://github.com/Ghufran2/CVE-Asp.Net-Core-Inventory-Order-Management-System-AExploitMitigationThird Party Advisory
- https://vuldb.com/?ctiid.347986Permissions RequiredVDB Entry
- https://vuldb.com/?id.347986Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.758335Third Party AdvisoryVDB Entry
FAQ
What is CVE-2026-3263?
CVE-2026-3263 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability was found in go2ismail Asp.Net-Core-Inventory-Order-Management-System up to 9.20250118. Affected by this vulnerability is an unknown functionality of the file /api/Security/ of the com...
How severe is CVE-2026-3263?
CVE-2026-3263 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-3263?
Check the references section above for vendor advisories and patch information. Affected products include: Go2Ismail Asp.Net-Core-Inventory-Order-Management-System.