Description
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3002
Related Vulnerabilities
CVE-2020-35202 Vulnerability in maven package org.igniterealtime.openfire.plugins:dbaccess
CVE-2017-1000486 Vulnerability in maven package org.primefaces:primefaces
CVE-2016-10735 Vulnerability in maven package org.webjars:bootstrap
CVE-2021-37580 Vulnerability in maven package org.apache.shenyu:shenyu-admin