Description
xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controller/UserController.java.
Remediation
References
https://www.ccsq8.com/issues.html
Related Vulnerabilities
CVE-2020-28283 Vulnerability in npm package libnested
CVE-2020-7781 Vulnerability in npm package connection-tester
CVE-2019-16775 Vulnerability in maven package org.webjars.bower:npm
CVE-2020-28480 Vulnerability in maven package org.webjars.npm:jointjs
CVE-2022-39259 Vulnerability in maven package io.github.skylot:jadx-plugins-api