Medium severity4.3NVD Advisory· Published Oct 25, 2024· Updated Jun 17, 2026
CVE-2022-30359
CVE-2022-30359
Description
OvalEdge 5.2.8.0 and earlier is affected by a Sensitive Data Exposure vulnerability via a GET request to /user/getUserList. Authentication is required. The information disclosed is associated with the all registered users, including user ID, status, email address, role(s), user type, license type, and personal details such as first name, last name, gender, and user preferences.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- cve.offsecguy.com/ovaledge/vulnerabilities/sensitive-data-exposurenvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.