CVE-2026-4201

Name of the Vulnerable Software and Affected Versions glowxq glowxq-oj (affected versions not specified)

Description A weakness exists in glowxq glowxq-oj. This issue affects the Upload function within the file business/business-system/src/main/java/com/glowxq/system/admin/controller/SysFileController.java, potentially leading to unrestricted upload. The attack can be launched remotely. The exploit has been made publicly available. The vendor was contacted regarding this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.