CVE-2026-59236 | Roskus Prospero Flow CRM up to 5.13.x Import save company_id authorization
A vulnerability categorized as problematic has been discovered in Roskus Prospero Flow CRM up to 5.13.x. This impacts an unknown function of the file /customer/import/excel/save of the component Import Handler. The manipulation of the argument company_id results in authorization bypass.
This vulnerability is reported as CVE-2026-59236. The attack can be launched remotely. No exploit exists.VulDB Recent EntriesRead More