Summary
Ivanti released a critical security update for Xtraction to patch a path traversal vulnerability CVE-2026-8043) that allows authenticated attackers to read sensitive files and write malicious HTML content.
Take Action:
Patch your Xtraction instances to version 2026.2 immediately and verify that Multi-Factor Authentication is active for all users. Even though this requires authentication, assume attackers can easily find low-level credentials.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)