CVE-2026-30760

Published: May 28, 2026

Modified: May 29, 2026

PUBLISHED

Description

An issue in SourceBans Material Admin before v.1.1.6 (3ecd95e) allows attackers to manipulate arbitrary user data in the web app via a crafted XAJAX call.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/ng-dst/ca6663a4107fd39eaba1be2cb1d52b51

https://github.com/SB-MaterialAdmin/Web

https://github.com/SB-MaterialAdmin/Web/issues/374

https://gist.github.com/ng-dst/450b698433f628990921f1e5ab46ff8c

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2026-30760

Description

Affected Products

References