CVE-2026-48877
6.5 MEDIUMInsertion of Sensitive Information Into Sent Data vulnerability in Tom GenerateBlocks allows Retrieve Embedded Sensitive Data
Published: 2026-05-27 · Last updated: 2026-05-27
Severity and scoring
- CVSS
- 6.5 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- CWE
- CWE-201
Description
Insertion of Sensitive Information Into Sent Data vulnerability in Tom GenerateBlocks allows Retrieve Embedded Sensitive Data. This issue affects GenerateBlocks: from n/a through 2.1.0.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-54197 — Unauthenticated Sensitive Data Exposure in GetGenie <= 4.4.1 versions (6.5 MEDIUM)
- CVE-2026-52695 — Unauthenticated Sensitive Data Exposure in ABC Crypto Checkout <= 1.8.2 versions (7.5 HIGH)
- CVE-2026-52692 — Unauthenticated Sensitive Data Exposure in Affiliates Manager <= 2.9.50 versions (7.5 HIGH)
- CVE-2026-49082 — Subscriber Sensitive Data Exposure in Chatway Live Chat – AI Chatbot, Customer Support, FAQ & Helpdesk Customer Service & C... (7.4 HIGH)
- CVE-2026-48965 — Subscriber Sensitive Data Exposure in XCloner <= 4.8.6 versions (6.5 MEDIUM)