Description
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3002
Related Vulnerabilities
CVE-2021-25948 Vulnerability in npm package expand-hash
CVE-2021-34079 Vulnerability in npm package docker-tester
CVE-2021-26541 Vulnerability in npm package gitlog
CVE-2021-32854 Vulnerability in maven package org.webjars.bower:textangular
CVE-2022-29648 Vulnerability in maven package com.jflyfox:jflyfox_jfinal