CVE-2026-8649
6.4
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Summary
Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules).
This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Progress | MOVEit Transfer | 2025.1.0 < 2025.1.3 | affected |
| Progress | MOVEit Transfer | 0 < 2025.0.7 | affected |
Weaknesses
- CWE-943: CWE-943 Improper Neutralization of Special Elements in Data Query Logic
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.