0.001 Low
EPSS
Percentile
37.7%
xxl-job is vulnerable to server-side request forgery. The vulnerability exists because the JobLogController.java allows ssrf bypass via executing arbitrary commands.
JobLogController.java
github.com/advisories/GHSA-83w4-x5w9-hf4h
github.com/xuxueli/xxl-job/issues/3002