Medium severity6.3NVD Advisory· Published Apr 5, 2026· Updated Apr 24, 2026
CVE-2026-5538
CVE-2026-5538
Description
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function service_url of the file JudgeServer.service_url of the component judge_server_heartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.6.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.