CVE-2026-5538 QingdaoU OnlineJudge judge_server_heartbeat Endpoint JudgeServer.service_url server-side request forgery
A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function serviceurl of the file JudgeServer.serviceurl of the component judgeserverheartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack...