CVE-2026-11453 | Tiobon Employee Self-Service System up to 7.2 Login Endpoint /Blog/BlogSearch.aspx Keyword sql injection

A vulnerability was found in Tiobon Employee Self-Service System up to 7.2 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /Blog/BlogSearch.aspx of the component Login Endpoint. The manipulation of the argument Keyword results in sql injection.

This vulnerability is reported as CVE-2026-11453. The attack can be launched remotely. Moreover, an exploit is present.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More