CVE: Common Vulnerabilities and Exposures

Required CVE Record Information

Description

A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.

Product Status

Learn more

Information not provided

References 3 Total

http://xxl-job.com
external site
https://github.com/xuxueli/xxl-job
external site
https://github.com/silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-/blob/main/README.md
external site

Updated: 2024-08-02

This container includes required additional information provided by the CVE Program for this vulnerability.

References 3 Total

http://xxl-job.com
external site
x_transferred
https://github.com/xuxueli/xxl-job
external site
x_transferred
https://github.com/silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-/blob/main/README.md
external site
x_transferred

Authorized Data Publishers

Learn more

Common vulnerabilities and Exposures (CVE)

Required CVE Record Information

CNA: MITRE Corporation

Description

Product Status

References 3 Total

CVE Program

References 3 Total

Authorized Data Publishers

CISA-ADP