CVE-2026-14902
MEDIUM
NVD
CVSS Score
4
Severity
MEDIUM
Published
Jul 14, 2026
Vendor
unknown
Description
An open redirect in Ivanti Xtraction before version 2026.2.1 allows a remote unauthenticated attacker to redirect users to arbitrary external URLs.