CVE-2024-24113
XXL-JOB vulnerable to Server-Side Request Forgery in maven/com.xuxueli/xxl-job
Identifiers
GHSA-c352-x843-ggpq, CVE-2024-24113
Package Slug
maven/com.xuxueli/xxl-job
Vulnerability
XXL-JOB vulnerable to Server-Side Request Forgery
Description
xxl-job =< 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE.
Affected Versions
All versions up to 2.4.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2024-02-09
| source |