Description
xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting (XSS) via /xxl-job-admin/joblog/logDetailPage.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3329
Related Vulnerabilities
CVE-2022-45208 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system
CVE-2019-20149 Vulnerability in maven package org.webjars.bowergithub.jonschlinkert:kind-of
CVE-2021-39147 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2022-2217 Vulnerability in maven package org.webjars.npm:parse-url