Lucene search
K

9 matches found

Nuclei
Nuclei
added 15 hours ago24 views

XXL-JOB v2.2.0 — Stored Cross Site Scripting

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file. id: CVE-2020-23814 info: name: XXL-JOB v2.2.0 — Stored Cross Site Scripting author:...

6.1CVSS6.5AI score0.01188EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:50 p.m.10 views

CVE-2026-7305

A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/28 7:15 p.m.6 views

EUVD-2026-26149

A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes...

6.5CVSS6.2AI score0.00209EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/28 7:15 p.m.21 views

CVE-2026-7305 Xuxueli xxl-job trigger Endpoint XxlJobServiceImpl.java triggerJob server-side request forgery

A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.10 views

XXL-JOB 代码问题漏洞

XXL-JOB is a distributed task scheduling platform developed by Xuxue Li xuxueli. Versions of XXL-JOB 3.3.2 and earlier have code vulnerabilities. These vulnerabilities stem from operations on the parameter addressList in the function triggerJob of the trigger Endpoint. This operation allows for...

6.5CVSS6.8AI score0.00209EPSS
Exploits0References1
VulnCheck KEV
VulnCheck KEV
added 2024/05/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2020-23814

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

6.1CVSS6.4AI score0.01188EPSS
Exploits1References1
OSV
OSV
added 2022/05/24 5:27 p.m.21 views

GHSA-PQQJ-299W-WF53 xxl-job Multiple cross-site scripting (XSS) vulnerabilities

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

6.1CVSS6.1AI score0.01188EPSS
Exploits1References4
NVD
NVD
added 2020/09/03 5:15 p.m.50 views

CVE-2020-23814

Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...

6.1CVSS6.1AI score0.01188EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2020/09/03 12:0 a.m.5 views

PT-2020-15584

Name of the Vulnerable Software and Affected Versions: xxl-job version 2.2.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the AppName and AddressList parameters in the...

6.1CVSS6.1AI score0.01188EPSS
Exploits1References7
Rows per page
Query Builder