Description
Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) AppName and (2)AddressList parameter in JobGroupController.java file.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/1866
https://www.ccsq8.com/issues.html
Related Vulnerabilities
CVE-2023-35088 Vulnerability in maven package org.apache.inlong:manager-service
CVE-2021-26291 Vulnerability in maven package org.apache.maven:apache-maven
CVE-2021-46063 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2020-7712 Vulnerability in npm package json
CVE-2014-0002 Vulnerability in maven package org.apache.camel:camel-core