Xxl-job@2.4.0 Security Vulnerabilities and Issues — Xxl-job@2.4.0 CVE List

Lucene search

XuxueliXxl-job2.4.0

4 matches found

CVE•added 2023/11/15 3:15 p.m.•99 views

CVE-2023-48089

xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via /xxl-job-admin/jobcode/save.

8.8CVSS8.9AI score0.0129EPSS

CVE•added 2024/04/06 11:15 a.m.•57 views

CVE-2024-3366

A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed to t...

9.8CVSS4.2AI score0.00081EPSS

CVE•added 2023/11/15 3:15 p.m.•45 views

CVE-2023-48087

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.

5.4CVSS5.4AI score0.00054EPSS

CVE•added 2023/11/15 3:15 p.m.•45 views

CVE-2023-48088

xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting (XSS) via /xxl-job-admin/joblog/logDetailPage.

5.4CVSS5.2AI score0.00085EPSS