CVE-2023-48087: xxl-job-admin vulnerable to Insecure Permissions

November 15, 2023

xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.

References

github.com/advisories/GHSA-3w8r-3jh9-89v9
github.com/xuxueli/xxl-job/issues/3330
nvd.nist.gov/vuln/detail/CVE-2023-48087

Detect and mitigate CVE-2023-48087 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →