Description
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3002
Related Vulnerabilities
CVE-2021-35065 Vulnerability in maven package org.webjars.npm:glob-parent
CVE-2010-1330 Vulnerability in maven package org.jruby:jruby
CVE-2021-46062 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2021-21306 Vulnerability in npm package marked
CVE-2023-29518 Vulnerability in maven package org.xwiki.platform:xwiki-platform-invitation-ui