CVE-2026-40582 — ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the /api/public/user/login endpoint validates only the username and password before returning the user's API key,

Loading…

CVE-2026-40582 — ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the /api/public/user/login endpoint validates only the username and password before returning the user's API key, — CVE Database · The Intelligence Room