Headline
CVE-2022-29002: xxl-job-admin v2.3.0 has a CSRF vulnerability, which can be used to create an administrator account、Modify password, perform task scheduling and other operations · Issue #2821 · xuxueli/xxl-job
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
Pick a username
Email Address
Password
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account