9 matches found
XXL-JOB v2.2.0 — Stored Cross Site Scripting
Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file. id: CVE-2020-23814 info: name: XXL-JOB v2.2.0 — Stored Cross Site Scripting author:...
CVE-2026-7305
A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes...
EUVD-2026-26149
A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes...
CVE-2026-7305 Xuxueli xxl-job trigger Endpoint XxlJobServiceImpl.java triggerJob server-side request forgery
A weakness has been identified in Xuxueli xxl-job up to 3.3.2. The affected element is the function triggerJob of the file xxl-job-admin/src/main/java/com/xxl/job/admin/service/impl/XxlJobServiceImpl.java of the component trigger Endpoint. This manipulation of the argument addressList causes...
XXL-JOB 代码问题漏洞
XXL-JOB is a distributed task scheduling platform developed by Xuxue Li xuxueli. Versions of XXL-JOB 3.3.2 and earlier have code vulnerabilities. These vulnerabilities stem from operations on the parameter addressList in the function triggerJob of the trigger Endpoint. This operation allows for...
VulnCheck KEV: CVE-2020-23814
Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...
GHSA-PQQJ-299W-WF53 xxl-job Multiple cross-site scripting (XSS) vulnerabilities
Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...
CVE-2020-23814
Multiple cross-site scripting XSS vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via 1 AppName and 2AddressList parameter in JobGroupController.java file...
PT-2020-15584
Name of the Vulnerable Software and Affected Versions: xxl-job version 2.2.0 Description: The issue concerns multiple cross-site scripting XSS vulnerabilities. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the AppName and AddressList parameters in the...