Description
A missing origin validation in WebSockets vulnerability affects the GraphicalData web services used by the WebVue, WebScheduler, TouchVue and SnapVue features of PcVue in version 12.0.0 through 16.3.3 included. It might allow a remote attacker to lure a successfully authenticated user to a malicious website. This vulnerability only affects the following two endpoints: GraphicalData/js/signalR/connect and GraphicalData/js/signalR/reconnect.
INFO
Published Date :
2026-02-26T07:55:18.433Z
Last Modified :
2026-02-26T07:55:18.433Z
Source :
arcinfo
AFFECTED PRODUCTS
The following products are affected by CVE-2026-1692 vulnerability.
| Vendors | Products |
|---|---|
| Arcinfo |
|
REFERENCES
Here, you will find a curated list of external links that provide in-depth information to CVE-2026-1692.
| URL | Resource |
|---|---|
| https://www.pcvue.com/security/#SB2026-2 |
|
CVSS Vulnerability Scoring System
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability