Back to CVE List

CVE-2026-31381

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
5.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Vulnerability Description

An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-598
Source
NVD
Vendor
Gainsight
Product
Gainsight Assist

External References

Discussion (0)

Add Comment

No comments yet. Be the first!