CVE-2026-36763 in SpringBladeالمعلومات

الملخص

بحسب MITRE • 30/04/2026

A stored cross-site scripting (XSS) vulnerability in the /api/blade-desk/notice/submit endpoint of SpringBlade v4.8.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted input into the content parameter.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

MITRE

حجز

06/04/2026

إفشاء

30/04/2026

الاعتدال

تمت الموافقة

إدخال

VDB-360347

CPE

جاهز

CWE

CWE-79 (مؤكد)

CVSS

3.5 (VulDB)

EPSS

0.00034

KEV

لا

النشاطات

منخفض جدًا

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-36763
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-36763
CVE Details	https://www.cvedetails.com/cve/CVE-2026-36763/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!