{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30689", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-27T20:32:29.894Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-27T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-27T13:54:02.867Z"}, "descriptions": [{"lang": "en", "value": "A blog.admin v.8.0 and before system's getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "http://blagadmin.com"}, {"url": "https://github.com/anjoy8/Blog.Core"}, {"url": "https://gist.github.com/Sw3092567023/c420c6a5ee947d72aeab2b3e0ba92a40"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-27T20:31:27.696071Z", "id": "CVE-2026-30689", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-27T20:32:29.894Z"}}]}, "dataVersion": "5.2"}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A blog.admin v.8.0 and before system's getinfobytoken API interface contains an improper access control which leads to sensitive data exposure. Unauthorized parties can obtain sensitive administrator account information via a valid token, threatening system security."}], "id": "CVE-2026-30689", "lastModified": "2026-03-27T15:16:53.620", "metrics": {}, "published": "2026-03-27T15:16:53.620", "references": [{"source": "cve@mitre.org", "url": "http://blagadmin.com"}, {"source": "cve@mitre.org", "url": "https://gist.github.com/Sw3092567023/c420c6a5ee947d72aeab2b3e0ba92a40"}, {"source": "cve@mitre.org", "url": "https://github.com/anjoy8/Blog.Core"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Received"}

{}

{"analysis": {"en": {"generated_at": "2026-03-27T16:51:11.073034+00:00", "value": {"mitigation_remediation": ["Apply the latest Blog.Admin release (v8.1 or later) where the getinfobytoken access control issue is fixed.", "If an upgrade is not possible immediately, disable the getinfobytoken API or restrict its access to a secure network segment.", "Re\u2011issue or revoke all current administrative tokens and generate new ones.", "Monitor logs for unexpected requests to the getinfobytoken endpoint and investigate suspicious activity.", "Contact Blog.Admin maintainers for an official security patch if no update is available."], "summary": {"action": "Apply Patch", "impact": "Sensitive data exposure via improper access control"}, "threat_synthesis": {"affected_systems": "Blog.Admin versions 8.0 and earlier are affected. The vulnerability exists in the getinfobytoken interface of these releases, and no public patch has been issued for these versions.", "description_and_impact": "The flaw lies in an improper access control check in Blog.Admin\u2019s getinfobytoken API. An attacker who can supply a legitimate administrator token can invoke the endpoint and retrieve sensitive account details, thereby revealing credentials and other privileged information.", "risk_and_exploitability": "Based on the description, the vulnerability requires possession of an administrative token, and the likely attack vector is remote access to the API endpoint capable of accepting such a token. The occurrence of exploitation is considered high because valid tokens are required, which could be obtained from legitimate use or via token theft; however, the specific attack path is inferred. The CVSS score is not available, EPSS is unknown, and the flaw is not listed in the CISA KEV catalog. Exposure of sensitive administrator data poses a significant confidentiality risk to the affected system."}}}}, "created": "2026-03-27T20:29:03.013802+00:00", "title": "Improper Access Control in Blog.Admin getinfobytoken API Exposes Admin Credentials", "updated": "2026-03-27T20:29:03.013894+00:00", "vendors": [], "weaknesses": ["CWE-285", "CWE-200"]}