Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
4.3
Material Master Reports Expose Sensitive Data for Authenticated Users
CVE-2026-27672
Summary
The Material Master application doesn't check if users have permission to view sensitive data when generating reports. This means that users who are already logged in can potentially see information they shouldn't have access to. You should review your permissions and access controls to prevent unauthorized data disclosure.
Original title
The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a ...
Original description
The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a low impact on confidentiality and does not affect integrity and availability of the system.
nvd CVSS3.1
4.3
Vulnerability type
CWE-862
Missing Authorization
Published: 14 Apr 2026 · Updated: 14 Apr 2026 · First seen: 14 Apr 2026