CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

Improper Preservation of Permissions in xxl-job

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

GHSA-CPFP-M5QW-C4R3 Improper Preservation of Permissions in xxl-job

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component...

CVE-2024-42681

CVE-2024-42681 affects the XXL-JOB platform (xxl-job v2.4.1) where the Sub-Task ID component has insecure permissions that allow a remote attacker to execute arbitrary code. Root cause: improper access control/validation in the Sub-Task ID path. Impact: potential remote code execution with high s...

PT-2024-30107 · Xxl-Job · Xxl-Job

Name of the Vulnerable Software and Affected Versions: xxl-job version 2.4.1 Description: The issue allows a remote attacker to execute arbitrary code via the Sub-Task ID component due to insecure permissions. Recommendations: For xxl-job version 2.4.1, consider disabling the Sub-Task ID componen...