Server-Side Request Forgery in SpringBlade by Chillzhuang
CVE-2026-36764
5MEDIUM
What is CVE-2026-36764?
A vulnerability in SpringBlade version 4.8.0 allows authenticated attackers to exploit the /ureport/datasource/testConnection endpoint through a crafted GET request. This Server-Side Request Forgery (SSRF) flaw enables attackers to access and scan internal resources improperly, potentially exposing sensitive data or system configurations.
