4 matches found
GHSA-WC73-W5R9-X9PC Cross-site Scripting in XXL-JOB
XXL-JOB 2.2.0 allows Stored XSS in Add User to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java...
CVE-2020-29204
XXL-JOB 2.2.0 allows Stored XSS in Add User to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java...
CVE-2020-29204
XXL-JOB 2.2.0 allows Stored XSS in Add User to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java...
CVE-2020-29204
CVE-2020-29204 affects XXL-JOB 2.2.0 with a Stored XSS in the Add User path. The root cause is a bypass of the 20-character limit in xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java, enabling persistent script injection. The NVD and related sources classify the CVSS v3...