Lucene search
China National Vulnerability DatabaseCNVD-2022-70593HistoryMay 24, 2022 - 12:00 a.m.
XXL-JOB Cross-site Request Forgery Vulnerability
2022-05-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
0.001 Low
EPSS
Percentile
43.6%
XXL-JOB is a lightweight distributed task scheduling platform whose core design goals are rapid development, simple learning, lightweight, and easy scalability. XXL-JOB version 2.3.0 is vulnerable to cross-site request forgery due to a lack of filtering and restrictions in the component /gaia-job-admin/user/add. An attacker could exploit this vulnerability to create arbitrary administrator accounts.
| CPE | Name | Operator | Version |
|---|---|---|---|
| xxl-job xxl-job | eq | 2.3.0 |
Related
cvelist
cvelist
CVE-2022-29002
2022-05-23 20:50:39
github
github
Cross-Site Request Forgery in XXL-Job
2022-05-24 00:00:18
veracode
veracode
Cross-Site Request Forgery (CSRF)
2022-05-24 06:45:24
prion
prion
Cross site request forgery (csrf)
2022-05-23 21:16:00
nvd
nvd
CVE-2022-29002
2022-05-23 21:16:04
osv
osv
Cross-Site Request Forgery in XXL-Job
2022-05-24 00:00:18
CVE-2022-29002
2022-05-23 21:16:04
cve
cve
CVE-2022-29002
2022-05-23 21:16:04