MEDIUM
gitroomhq
CVE published 2026-06-17
CVE-2026-48783
CVE-2026-48783 is a medium-severity vulnerability in Postiz, an AI social media scheduling tool. The issue, fixed in version 2.21.8, involves an unauthenticated endpoint that accepted a signed token and applied subscription-enforcement side effects to the organization referenced in that token's claims, without verifying the token's intended purpose. The endpoint could not change the persisted subscription [truncated]