CVE-2023-27087

Xuxueli xxl-job allows attacker to obtain sensitive information via the pageList parameter in maven/com.xuxueli/xxl-job

Identifiers

CVE-2023-27087, GHSA-jhjm-5xjg-mpqp

Package Slug

maven/com.xuxueli/xxl-job

Vulnerability

Xuxueli xxl-job allows attacker to obtain sensitive information via the pageList parameter

Description

Permissions vulnerabiltiy found in Xuxueli xxl-job v2.2.0, v 2.3.0 and v.2.3.1 allows attacker to obtain sensitive information via the pageList parameter.

Affected Versions

All versions starting from 2.2.0 up to 2.3.1

Solution

Upgrade to version 2.4.0 or above.

Last Modified

2023-03-22

source