Xxl-job@2.4.1 Security Vulnerabilities and Issues — Xxl-job@2.4.1 CVE List

Lucene search

XuxueliXxl-job2.4.1

3 matches found

CVE•added 2024/04/06 11:15 a.m.•57 views

CVE-2024-3366

A vulnerability classified as problematic was found in Xuxueli xxl-job up to 2.4.1. This vulnerability affects the function deserialize of the file com/xxl/job/core/util/JdkSerializeTool.java of the component Template Handler. The manipulation leads to injection. The exploit has been disclosed to t...

9.8CVSS4.2AI score0.00081EPSS

CVE•added 2023/05/26 5:15 p.m.•56 views

CVE-2023-33779

A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.

8.8CVSS9AI score0.00089EPSS

CVE•added 2024/08/15 5:15 p.m.•54 views

CVE-2024-42681

Insecure Permissions vulnerability in xxl-job v.2.4.1 allows a remote attacker to execute arbitrary code via the Sub-Task ID component.

8.8CVSS8.1AI score0.00836EPSS