Description
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3002
Related Vulnerabilities
CVE-2022-41935 Vulnerability in maven package org.xwiki.platform:xwiki-platform-livetable-ui
CVE-2021-29442 Vulnerability in maven package com.alibaba.nacos:nacos-common
CVE-2023-46497 Vulnerability in npm package @evershop/evershop
CVE-2023-36477 Vulnerability in maven package org.xwiki.platform:xwiki-platform-ckeditor-ui