Description
XXL-Job before v2.3.1 contains a Server-Side Request Forgery (SSRF) via the component /admin/controller/JobLogController.java.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3002
Related Vulnerabilities
CVE-2020-28283 Vulnerability in npm package libnested
CVE-2020-7738 Vulnerability in npm package shiba
CVE-2023-48089 Vulnerability in maven package com.xuxueli:xxl-job-admin
CVE-2021-32732 Vulnerability in maven package org.xwiki.platform:xwiki-platform-administration-ui
CVE-2021-32859 Vulnerability in npm package baremetrics-calendar