Description
xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via /xxl-job-admin/jobcode/save.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3333
Related Vulnerabilities
CVE-2016-10703 Vulnerability in maven package org.webjars.npm:ecstatic
CVE-2022-35948 Vulnerability in npm package undici
CVE-2018-17420 Vulnerability in maven package com.zrlog:zrlog
CVE-2023-33510 Vulnerability in maven package org.jeecgframework.p3:jeecg-p3-biz-chat
CVE-2023-29521 Vulnerability in maven package org.xwiki.platform:xwiki-platform-vfs-ui