Home / Vulnerability Intelligence / CVE-2026-7071

CVE-2026-7071 - Vulnerability Analysis

MediumCVSS: 5.3

Last Updated: April 27, 2026

CodeAstro Online Job Portal - Information Disclosure

Published: April 27, 2026Updated: April 27, 2026PoC AvailableRemote Exploitable

Overview

CodeAstro Online Job Portal 1.0 contains an information disclosure vulnerability caused by manipulation in /users/user-cvs/, letting remote attackers access file and directory information, exploit requires no special conditions.

Severity & Score

Severity: Medium

CVSS Score: 5.3

Impact

Remote attackers can access sensitive file and directory information, potentially exposing confidential data.

Mitigation

Update to the latest version.

References

https://github.com/Xmyronn/CodeAstro-Job-Portal-Unauthenticated-Resume-Exposure
https://vuldb.com/submit/799236
https://vuldb.com/vuln/359646
https://vuldb.com/vuln/359646/cti
https://codeastro.com/

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-7071
Severity: Medium
CVSS Score: 5.3
Type: undefined
Status: new

CWE

CWE-200

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N