Lucene search
+L

52 matches found

euvd
euvd
added 21 hours ago4 views

EUVD-2026-44843

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

9.1CVSS6.2AI score
Exploits1References3
euvd
euvd
added 21 hours ago4 views

EUVD-2026-44844

Cross Site Scripting vulnerability in xxl-job-admin v.3.0.0 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request containing a malicious script...

6.1CVSS6.4AI score
Exploits1References2
nvd
nvd
added yesterday6 views

CVE-2026-26719

Cross Site Scripting vulnerability in xxl-job-admin v.3.0.0 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request containing a malicious script...

6.1CVSS
Exploits1References1
nvd
nvd
added yesterday6 views

CVE-2026-26718

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

9.1CVSS
Exploits1References2
cve
cve
added yesterday1 views

CVE-2026-26719

Cross Site Scripting vulnerability in xxl-job-admin v.3.0.0 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request containing a malicious script...

6.1CVSS6.4AI score
Exploits1References1
cvelist
cvelist
added yesterday32 views

CVE-2026-26718

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

Exploits1References2
ptsecurity
ptsecurity
added yesterday7 views

PT-2026-60330

Name of the Vulnerable Software and Affected Versions xxl-job-admin version 3.0.0 Description A Cross-Site Request Forgery CSRF issue exists in the web application. This occurs because a specific endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods through a permissive...

6.2AI score
Exploits1References4
cve
cve
added yesterday3 views

CVE-2026-26718

A Cross-Site Request Forgery CSRF vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive...

9.1CVSS6.2AI score
Exploits1References2
cvelist
cvelist
added yesterday32 views

CVE-2026-26719

Cross Site Scripting vulnerability in xxl-job-admin v.3.0.0 allows a remote attacker to execute arbitrary code via a crafted HTTP GET request containing a malicious script...

Exploits1References1
snyk
snyk
added 2026/04/29 4:25 p.m.6 views

Resource Injection

Overview Affected versions of this package are vulnerable to Resource Injection via the logDetailCat function in the Execution Log Handler. An attacker can access unauthorized resources by obtaining a valid logId and sending requests directly to logDetailCat endpoint. Remediation Upgrade...

6.3CVSS5.8AI score0.00418EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-3060

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.01262EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-2867

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00362EPSS
Exploits1References3
euvd
euvd
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-2894

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00399EPSS
Exploits1References3
redhatcve
redhatcve
added 2025/05/23 4:22 a.m.7 views

CVE-2023-48089

xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution RCE via /xxl-job-admin/jobcode/save...

8.8CVSS7.5AI score0.01262EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/23 4:14 a.m.8 views

CVE-2023-48088

xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting XSS via /xxl-job-admin/joblog/logDetailPage...

5.4CVSS6AI score0.00399EPSS
Exploits1
redhatcve
redhatcve
added 2025/05/23 4:14 a.m.9 views

CVE-2023-48087

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...

5.4CVSS6.8AI score0.00362EPSS
Exploits1References1
github
github
added 2023/11/15 3:30 p.m.20 views

xxl-job-admin vulnerable to Cross Site Scripting

xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting XSS via /xxl-job-admin/joblog/logDetailPage...

5.4CVSS6.1AI score0.00399EPSS
Exploits1References3Affected Software1
github
github
added 2023/11/15 3:30 p.m.109 views

xxl-job-admin vulnerable to Remote Code Execution

xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution RCE via /xxl-job-admin/jobcode/save...

8.8CVSS7.6AI score0.01262EPSS
Exploits1References3Affected Software1
github
github
added 2023/11/15 3:30 p.m.22 views

xxl-job-admin vulnerable to Insecure Permissions

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...

5.4CVSS6.8AI score0.00362EPSS
Exploits1References3Affected Software1
osv
osv
added 2023/11/15 3:30 p.m.21 views

GHSA-3W8R-3JH9-89V9 xxl-job-admin vulnerable to Insecure Permissions

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...

5.4CVSS5.3AI score0.00362EPSS
Exploits1References3
Rows per page
Query Builder