Skip to main content

openSIS Classic CVE-2026-11944

| EUVDEUVD-2026-43721 MEDIUM
Path Traversal (CWE-22)
2026-07-14 Fluid Attacks GHSA-5v7m-6h74-672r
5.3
CVSS 4.0 · Vendor: Fluid Attacks
Share

Severity by source

Vendor (Fluid Attacks) PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.3 MEDIUM

Network-accessible endpoint requires low-privilege authentication; no integrity or availability impact; confidentiality impact rated low consistent with provided CVSS 4.0 VC:L.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (Fluid Attacks).

CVSS VectorVendor: Fluid Attacks

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 14, 2026 - 16:13 vuln.today

DescriptionCVE.org

openSIS Classic 9.3 contains an authenticated path traversal vulnerability in the legacy messaging sent-mail attachment download functionality that allows an authenticated attacker to read arbitrary files on the server via crafted path traversal sequences.

AnalysisAI

Path traversal in openSIS Classic 9.3 exposes arbitrary server files through the legacy messaging sent-mail attachment download endpoint, exploitable by any authenticated low-privilege user. The vulnerability allows crafted sequences such as directory traversal patterns to escape the intended attachment directory and retrieve sensitive server-side files. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain low-privilege account credentials
Delivery
Authenticate to openSIS Classic 9.3
Exploit
Access legacy messaging sent-mail attachment download endpoint
Execution
Inject path traversal sequence into filename parameter
Impact
Server returns contents of arbitrary readable file

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid authenticated session on the openSIS Classic 9.3 instance; the CVSS PR:L metric confirms any low-privilege account is sufficient, including student, parent, or staff roles. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The provided CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N) scores 5.3, reflecting low-complexity network exploitation gated by low-privilege authentication, with only low confidentiality impact and no integrity or availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An authenticated user - such as a student or parent account - sends a crafted HTTP request to the legacy messaging sent-mail attachment download endpoint, substituting the expected filename with a path traversal sequence like '../../etc/passwd' or '../../var/www/html/config.php'. The server processes the unsanitized path and returns the contents of the target file in the HTTP response, potentially exposing operating system user data, database credentials embedded in configuration files, or private key material. …
Remediation No vendor-released patch version has been identified from the available input data; patch status is unconfirmed. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-11944 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy