Описание
Privilege escalation in XXL-Job
A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.
Пакеты
Наименование
com.xuxueli:xxl-job
maven
Затронутые версииВерсия исправления
<= 2.4.1
Отсутствует
Связанные уязвимости
CVSS3: 8.8
nvd
больше 2 лет назад
A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.