Description Lack of input validation leads to an arbitrary file deletion vulnerability in the autoupdate server mechanism. Remediation References CVE-2026-23898 Related Vulnerabilities IBM WebSEAL Improper Input Validation Vulnerability (CVE-2020-4461) XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-23620) ClipBucket Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2016-1000307) WordPress Plugin Ocean Extra Cross-Site Scripting (2.1.1) Apache Tomcat Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-5351) Severity High Classification CVE-2026-23898 CWE-73 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities