Double Opt In Step

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-2451 MEDIUM This Month

Information disclosure in Pretix email template processing allows authenticated backend users to extract sensitive system data including database credentials and API keys through specially crafted placeholder syntax that bypasses existing security controls. An attacker with email template modification privileges can leverage Python object introspection to access arbitrary system configuration details. No patch is currently available for this vulnerability affecting Pretix and its Double Opt In Step extension.

Information Disclosure Pretix Double Opt In Step
NVD VulDB
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-2451
EPSS 0% CVSS 6.5
MEDIUM This Month

Information disclosure in Pretix email template processing allows authenticated backend users to extract sensitive system data including database credentials and API keys through specially crafted placeholder syntax that bypasses existing security controls. An attacker with email template modification privileges can leverage Python object introspection to access arbitrary system configuration details. No patch is currently available for this vulnerability affecting Pretix and its Double Opt In Step extension.

Information Disclosure Pretix Double Opt In Step
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy