CVE-2026-41459 | thexerteproject xerteonlinetoolkits up to 3.15.0 GET Request /setup root_path exposure of sensitive system information to an unauthorized control sphere (ID 1527)

A vulnerability, which was classified as problematic, has been found in thexerteproject xerteonlinetoolkits up to 3.15.0. Impacted is an unknown function of the file /setup of the component GET Request Handler. The manipulation of the argument root_path leads to exposure of sensitive system information to an unauthorized control sphere.

This vulnerability is referenced as CVE-2026-41459. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More