CVE-2022-29770

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in maven/com.xuxueli/xxl-job

Identifiers

CVE-2022-29770

Package Slug

maven/com.xuxueli/xxl-job

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

XXL-Job v2.3.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /xxl-job-admin/jobinfo.

Affected Versions

Version 2.3.0

Solution

Upgrade to version 2.3.1 or above.

Last Modified

2022-06-16

source