Description
An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL.
Published: 2026-03-20
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Information disclosure
Action: Patch
AI Analysis

Impact

The vulnerability allows an attacker to extract user email addresses that are exposed in base64 encoding via the state parameter present in the OAuth callback URL. This leads to exposure of personally identifiable information and is categorized as CWE‑598, representing improper handling of input that reveals confidential data.

Affected Systems

Affected systems are instances of the Gainsight Assist plugin from Gainsight. No specific version ranges are provided in the data, so all installations that include this plugin may be affected unless an update has already been applied.

Risk and Exploitability

The CVSS score is 5.3, indicating moderate severity. EPSS data is not available and the vulnerability is not listed in the CISA KEV catalog, suggesting a lower likelihood of widespread exploitation. The likely attack vector involves an attacker manipulating the OAuth callback URL to include a crafted state parameter; the victim must use the OAuth flow for the exposure to occur. No evidence of an existing exploit is reported in the provided references.

Generated by OpenCVE AI on March 20, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Gainsight Assist patch once it becomes available to eliminate the information disclosure flaw.
  • Configure the plugin to validate the state parameter and ensure it does not carry PII, or encode sensitive data securely to prevent base64 exposure.
  • Monitor OAuth callback logs and user account activity for anomalous state parameter values that could indicate exploitation attempts.

Generated by OpenCVE AI on March 20, 2026 at 14:35 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 16 Apr 2026 15:30:00 +0000

Type Values Removed Values Added
First Time appeared Gainsight assist
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:gainsight:assist:-:*:*:*:*:*:*:*
Vendors & Products Gainsight assist

Mon, 23 Mar 2026 10:45:00 +0000

Type Values Removed Values Added
References

Fri, 20 Mar 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Gainsight
Gainsight gainsight Assist
Vendors & Products Gainsight
Gainsight gainsight Assist

Fri, 20 Mar 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 13:45:00 +0000

Type Values Removed Values Added
Description An attacker can extract user email addresses (PII) exposed in base64 encoding via the state parameter in the OAuth callback URL.
Title Gainsight Assist plugin information disclosure
Weaknesses CWE-598
References
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N'}

Subscriptions

Gainsight Assist Gainsight Assist
cve-icon MITRE

Status: PUBLISHED

Assigner: rapid7

Published:

Updated: 2026-03-23T10:21:31.048Z

Reserved: 2026-03-09T09:05:14.105Z

Link: CVE-2026-31381

cve-icon Vulnrichment

Updated: 2026-03-20T13:43:13.631Z

cve-icon NVD

Status : Analyzed

Published: 2026-03-20T14:16:14.567

Modified: 2026-04-16T15:16:53.553

Link: CVE-2026-31381

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-25T14:29:27Z

Weaknesses