Описание
XXL-JOB vulnerable to Server-Side Request Forgery
xxl-job <= 2.4.2 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE.
Пакеты
Наименование
com.xuxueli:xxl-job
maven
Затронутые версииВерсия исправления
<= 2.4.2
Отсутствует
Связанные уязвимости
CVSS3: 8.8
nvd
почти 2 года назад
xxl-job =< 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE.