Headline
GHSA-jp5r-4x9q-4vcf: xuxueli xxl-job Cross-Site Request Forgery Vulnerability
Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add
in xuxueli xxl-job version 2.2.0 allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2020-24922
xuxueli xxl-job Cross-Site Request Forgery Vulnerability
Moderate severity GitHub Reviewed Published Aug 11, 2023 to the GitHub Advisory Database • Updated Aug 11, 2023
Package
maven com.xuxueli:xxl-job (Maven)
Affected versions
<= 2.2.0
Published to the GitHub Advisory Database
Aug 11, 2023
Last updated
Aug 11, 2023
Related news
CVE-2020-24922: There is a CSRF vulnerability that can add the administrator account · Issue #1921 · xuxueli/xxl-job
Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file.