6 matches found
CVE-2026-36765
An XML external entity XXE vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload...
CVE-2026-36765
An XML external entity XXE vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload...
SpringBlade 代码问题漏洞
SpringBlade is a microservices development platform developed by Blade China. Version 4.8.0 of SpringBlade contains a code vulnerability. This vulnerability stems from XML external entity injection in the /designer/loadReport endpoint, which may allow authenticated attackers to execute arbitrary...
CVE-2026-36765
An XXE vulnerability affects SpringBlade v4.8.0 at the /designer/loadReport endpoint. The issue allows authenticated attackers to execute arbitrary code by injecting a crafted payload. The common details across sources identify the root cause as an XML external entity processing flaw, enabling co...
CVE-2026-36765
An XML external entity XXE vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload...
CVE-2026-36765
An XML external entity XXE vulnerability in the /designer/loadReport endpoint of SpringBlade v4.8.0 allows authenticated attackers to execute arbitrary code via injecting a crafted payload...