Vulnerabilities

CVE-2026-1062 - xiweicheng TMS HtmlUtil.java summary server-side request forgery

2026-01-17 0 views admin
CVE-2026-1062 - xiweicheng TMS HtmlUtil.java summary server-side request forgery

CVE ID : CVE-2026-1062 Published : Jan. 17, 2026, 8:15 p.m. | 35 minutes ago Description : A flaw has been found in xiweicheng TMS up to 2.28.0. This affects the function Summary of the file src/main/java/com/lhjz/portal/util/HtmlUtil.java. This manipulation of the argument url causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been published and may be used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
MEDIUM
Published
Jan. 17, 2026
Affected Product: java

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-1062mediumjava

More from Vulnerabilities

CVE-2026-1059 - FeMiner wms chkuser.php sql injection

CVE-2026-1059 - FeMiner wms chkuser.php sql injection

2026-01-17 0
CVE-2026-1061 - xiweicheng TMS FileController.java upload unrestricted upload

CVE-2026-1061 - xiweicheng TMS FileController.java upload unrestricted upload

2026-01-17 0
CVE-2026-1063 - bastillion-io Bastillion Public Key Management System AuthKeysKtrl.java command i...

CVE-2026-1063 - bastillion-io Bastillion Public Key Management System AuthKeysKtrl.java command i...

2026-01-17 0
CVE-2026-1064 - bastillion-io Bastillion System Management SystemKtrl.java command injection

CVE-2026-1064 - bastillion-io Bastillion System Management SystemKtrl.java command injection

2026-01-17 0

Trending

1

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

2026-01-15 • 4457 views
2

Tech: Data is the only moat

2026-01-15 • 4133 views
3

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

2026-01-15 • 3239 views
4

Tech: AWS European Sovereign Cloud

2026-01-15 • 2741 views
5

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3

2026-01-15 • 2719 views