Review
OneBlog
CVE published 2026-07-07
CVE-2026-51937
A sensitive information disclosure vulnerability exists in Oneblog V2.3.9. The issue allows a remote attacker to obtain sensitive information via the RestApiController.java, JsApiTicketComponent.java, and the GetAccessTokenComponent.java components. This vulnerability has a high impact on confidentiality and can be exploited without authentication. Users of Oneblog V2.3.9 should be aware of this vulnerabi [truncated]