6 matches found
Resource Injection
Overview Affected versions of this package are vulnerable to Resource Injection via the logDetailCat function in the Execution Log Handler. An attacker can access unauthorized resources by obtaining a valid logId and sending requests directly to logDetailCat endpoint. Remediation Upgrade...
CVE-2026-7303 Xuxueli xxl-job Execution Log JobLogController.java logDetailCat resource injection
A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improp...
CVE-2026-7303 Xuxueli xxl-job Execution Log JobLogController.java logDetailCat resource injection
A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improp...
PT-2026-35824
A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improp...
CVE-2023-48087
xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...
CVE-2023-48087
xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat...