Critical severity9.1NVD Advisory· Published May 12, 2026· Updated May 13, 2026
CVE-2026-29204
CVE-2026-29204
Description
Insufficient ownership check in clientarea.php allows an authenticated client area user to submit requests using another user’s addonId without any ownership validation leading to unauthorized access to the victim's account.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.