PT-2026-30409 · Unknown · Qingdaou Onlinejudge
Ana10Gy
·
Publicado
2026-04-05
·
Atualizado
2026-04-05
·
CVE-2026-5538
CVSS v2.0
6.5
Média
| Vetor | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
QingdaoU OnlineJudge versions up to 1.6.1
Description
A server-side request forgery condition exists in the
JudgeServer.service url function of the judge server heartbeat endpoint within QingdaoU OnlineJudge. This manipulation can be exploited remotely. The vendor was contacted but did not respond.Recommendations
Update QingdaoU OnlineJudge to a version later than 1.6.1.
Correção
SSRF
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Qingdaou Onlinejudge