Vulnerabilities (CVE)

Filtered by vendor Xuxueli Subscribe

Filtered by product Xxl-job

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-48087	1 Xuxueli	1 Xxl-job	2023-11-21	N/A	5.4 MEDIUM
xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.
CVE-2023-48088	1 Xuxueli	1 Xxl-job	2023-11-21	N/A	5.4 MEDIUM
xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting (XSS) via /xxl-job-admin/joblog/logDetailPage.
CVE-2022-29770	1 Xuxueli	1 Xxl-job	2022-06-13	3.5 LOW	5.4 MEDIUM
XXL-Job v2.3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /xxl-job-admin/jobinfo.
CVE-2020-29204	1 Xuxueli	1 Xxl-job	2020-12-29	4.3 MEDIUM	6.1 MEDIUM
XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java.
CVE-2020-23814	1 Xuxueli	1 Xxl-job	2020-09-04	4.3 MEDIUM	6.1 MEDIUM
Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) AppName and (2)AddressList parameter in JobGroupController.java file.