What the vulnerability does
01Description
Missing Authorization vulnerability in creativeinteractivemedia Real 3D FlipBook real3d-flipbook-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Real 3D FlipBook: from n/a through <= 4.19.1.
Explanation of Vulnerability in Simple Terms
02Summary
Real 3D FlipBook versions up to 4.19.1 lack proper authorization checks, allowing high-privilege users to modify or disable content without proper access controls. An attacker with administrative credentials can alter the integrity of flipbook data or temporarily disrupt availability. The vulnerability requires existing high-level site access and does not expose confidential information.
What an attacker can do
03Attacker Capabilities
Modify or disable flipbook content if they have high-level site access.
Potential impact on your site
04Site Impact
Administrators with compromised credentials could alter or disable flipbooks; monitor admin account activity.
Conditions required to exploit
05Prerequisites
Attacker must have high-privilege administrative credentials on the site.
Key dates
06Disclosure timeline
February 19, 2026
CVE published
April 28, 2026
Record updated