CVE-2022-43183

Server-Side Request Forgery (SSRF) in maven/com.xuxueli/xxl-job-core

Identifiers

GHSA-83w4-x5w9-hf4h, CVE-2022-43183

Package Slug

maven/com.xuxueli/xxl-job-core

Vulnerability

Server-Side Request Forgery (SSRF)

Description

XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.

Affected Versions

All versions before 2.3.1

Solution

Upgrade to version 2.3.1 or above.

Last Modified

2022-11-22

source