EPSS
Percentile
43.4%
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
github.com/xuxueli/xxl-job
github.com/xuxueli/xxl-job/issues/2821
nvd.nist.gov/vuln/detail/CVE-2022-29002