CVE-2026-14903
HIGH
NVD
CVSS Score
7.7
Severity
HIGH
Published
Jul 14, 2026
Vendor
unknown
Description
Path traversal in Ivanti Xtraction before version 2026.2.1 allows a remote authenticated attacker to read arbitrary files outside the web root.
Path traversal in Ivanti Xtraction before version 2026.2.1 allows a remote authenticated attacker to read arbitrary files outside the web root.