2 matches found
XXL-JOB vulnerable to Cross-site Scripting
XXL-JOB com.xuxueli:xxl-job versions 2.4.0 and earlier are vulnerable to cross-site scripting XSS. An HTML uploaded payload can be executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...
CVE-2023-26120
This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update...