Description
xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3330
Related Vulnerabilities
CVE-2020-7677 Vulnerability in maven package org.webjars.npm:thenify
CVE-2017-16147 Vulnerability in npm package shit-server
CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http_2.13
CVE-2023-41578 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-parent
CVE-2021-32859 Vulnerability in maven package org.webjars.npm:github-com-baremetrics-calendar