VYPR
Medium severity4.3NVD Advisory· Published Oct 25, 2024· Updated Jun 17, 2026

CVE-2022-30359

CVE-2022-30359

Description

OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserList. Authentication is required. The information disclosed is associated with the all registered users, including user ID, status, email address, role(s), user type, license type, and personal details such as first name, last name, gender, and user preferences.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • OvalEdge/OvalEdgecpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=5.2.8.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.