CVE-2026-31381
MEDIUM SEVERITYCVSS Score & Metrics
Base Score
5.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Description
An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-598
Source
NVD
Vendor
Gainsight
Product
Gainsight Assist
Discussion (0)
Add Comment
No comments yet. Be the first!