This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3.
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Thu, 09 Jul 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Wed, 08 Jul 2026 21:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Progress
Progress moveit Transfer |
|
| Vendors & Products |
Progress
Progress moveit Transfer |
Wed, 08 Jul 2026 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules). This issue affects MOVEit Transfer: before 2026.0.0, before 2025.1.3, before 2025.0.7. | Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules). This issue affects MOVEit Transfer: before 2025.0.7, from 2025.1.0 before 2025.1.3. |
Wed, 08 Jul 2026 19:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Improper Neutralization of Special Elements in Data Query Logic vulnerability in Progress MOVEit Transfer (Custom Reports modules). This issue affects MOVEit Transfer: before 2026.0.0, before 2025.1.3, before 2025.0.7. | |
| Title | Institution scope bypass vulnerability in custom reports | |
| Weaknesses | CWE-943 | |
| References |
| |
| Metrics |
cvssV3_1
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: ProgressSoftware
Published:
Updated: 2026-07-08T19:44:22.665Z
Reserved: 2026-05-15T04:28:11.755Z
Link: CVE-2026-8649
Updated: 2026-07-09T13:29:19.607Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-09T04:15:12Z