CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

OSV•added 2025/08/20 11:15 p.m.•2 views

CVE-2025-9263

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file /src/main/java/com/xxl/job/admin/controller/JobLogController.java. Such manipulation of the argument jobGroup leads to improper control of resource identifiers...

5.3CVSS7AI score

Exploits0References5

Cvelist•added 2025/08/20 11:2 p.m.•10 views

CVE-2025-9263 Xuxueli xxl-job JobLogController.java getJobsByGroup resource injection

5.3CVSS0.00108EPSS

Exploits1References5

Veracode•added 2022/11/21 5:2 a.m.•15 views

Server-Side Request Forgery

xxl-job is vulnerable to server-side request forgery. The vulnerability exists because the JobLogController.java allows ssrf bypass via executing arbitrary commands...

8.8CVSS8.5AI score0.28085EPSS

Exploits1References2Affected Software1

OSV•added 2022/11/17 9:30 p.m.•18 views

GHSA-83W4-X5W9-HF4H XXL-JOB vulnerable to Server-Side Request Forgery (SSRF)

XXL-Job before v2.4.0 contains a Server-Side Request Forgery SSRF via the component /admin/controller/JobLogController.java...

8.8CVSS8.7AI score0.28085EPSS

Exploits1References5

Github Security Blog•added 2022/11/17 9:30 p.m.•26 views

XXL-JOB vulnerable to Server-Side Request Forgery (SSRF)

XXL-Job before v2.4.0 contains a Server-Side Request Forgery SSRF via the component /admin/controller/JobLogController.java...

8.8CVSS8.7AI score0.28085EPSS

Exploits1References5Affected Software1

NVD•added 2022/11/17 9:15 p.m.•9 views

CVE-2022-43183

XXL-Job before v2.3.1 contains a Server-Side Request Forgery SSRF via the component /admin/controller/JobLogController.java...

8.8CVSS0.28085EPSS

Exploits1References1

OSV•added 2022/11/17 9:15 p.m.•15 views

CVE-2022-43183

XXL-Job before v2.3.1 contains a Server-Side Request Forgery SSRF via the component /admin/controller/JobLogController.java...

8.8CVSS8.8AI score

Exploits0References1

Vulnrichment•added 2022/11/17 12:0 a.m.•4 views

CVE-2022-43183

XXL-Job before v2.3.1 contains a Server-Side Request Forgery SSRF via the component /admin/controller/JobLogController.java...

8.8AI score0.28085EPSS

Exploits1References1

CVE•added 2022/11/17 12:0 a.m.•74 views

CVE-2022-43183

XXL-JOB prior to v2.3.1 is affected by a Server-Side Request Forgery (SSRF) in the component /admin/controller/JobLogController.java . The issue stems from the code path handling JobLog operations, enabling SSRF according to multiple connected sources. The public CVE entry CVE-2022-43183 consolid...

8.8CVSS8.6AI score0.28085EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by