EPSS: 0.001 (Low)
Percentile: 31.0%
xxl-job is vulnerable to Cross-Site Request Forgery (CSRF). The vulnerability exists due to a lack of validation in updatePwd, which allows an attacker to modify any user's password.
updatePwd
github.com/advisories/GHSA-pv4m-h859-jwmq
github.com/boyi0508/xxl-job-explain/blob/main/README.md
vuldb.com/?ctiid.220196
vuldb.com/?id.220196