Vendor
Jleehr
Products
1
CVEs
2
Across products
2
Status
Private
Products
1- 2 CVEs
Recent CVEs
2| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-55375 | 0.00 | — | — | Jun 19, 2026 | ## Summary In affected versions, the OAuth2 token request sends `app_id`, `app_secret`, `refresh_token` and `code` as URL query parameters of the POST request to `https://oauth./oauth/api/oauth2/token`. Request URLs are commonly recorded in access logs, proxy… | |||
| CVE-2026-55374 | 0.00 | — | — | Jun 19, 2026 | ## Summary In affected versions, `Request::buildRequestUrl()` inserts path variables into the request URL without URL encoding (`implode('/', $pathVariables)`). All request classes implementing `getPathVariables()` are affected, e.g. `GetContentDetailsRequest`… |
- CVE-2026-55375Jun 19, 2026risk 0.00cvss —epss —
## Summary In affected versions, the OAuth2 token request sends `app_id`, `app_secret`, `refresh_token` and `code` as URL query parameters of the POST request to `https://oauth./oauth/api/oauth2/token`. Request URLs are commonly recorded in access logs, proxy…
- CVE-2026-55374Jun 19, 2026risk 0.00cvss —epss —
## Summary In affected versions, `Request::buildRequestUrl()` inserts path variables into the request URL without URL encoding (`implode('/', $pathVariables)`). All request classes implementing `getPathVariables()` are affected, e.g. `GetContentDetailsRequest`…