Open Redirect Vulnerability in Ivanti Xtraction Affects Users
CVE-2026-14902
4MEDIUM
What is CVE-2026-14902?
An open redirect vulnerability in Ivanti Xtraction versions prior to 2026.2.1 can be exploited by a remote attacker, enabling them to redirect users to untrusted external URLs without authentication. This risk may facilitate phishing attacks or exposure to malicious websites, compromising user security.
Affected Version(s)
Xtraction 2026.2.1