EIP-2026-102489
PRE-CVEJReport - 'dealSchedules.jsp' Cross-Site Request Forgery
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-102489. PoCs published by Poonam Singh.
AI-analyzed exploit summary This HTML-based PoC demonstrates a CSRF vulnerability in JReport, allowing an attacker to trick a user into submitting a malicious request to delete scheduled tasks. The exploit uses a hidden form with predefined parameters and auto-submits via JavaScript.
Description
JReport - 'dealSchedules.jsp' Cross-Site Request Forgery
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Poonam Singh · htmlwebappsjsp
https://www.exploit-db.com/exploits/38816
This HTML-based PoC demonstrates a CSRF vulnerability in JReport, allowing an attacker to trick a user into submitting a malicious request to delete scheduled tasks. The exploit uses a hidden form with predefined parameters and auto-submits via JavaScript.
Classification
Working Poc 90%
Attack Type
Other
Complexity
Trivial
Reliability
Reliable
Target:
JReport (version unspecified)
Auth required
Prerequisites:
Victim must be authenticated in the target JReport instance · Victim must visit the malicious HTML page
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026