CVE-2020-23814

Published September 3rd, 2020

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

4.3

MEDIUM

Affected

PROJECT

Description

Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) AppName and (2)AddressList parameter in JobGroupController.java file.

xuxueli/xxl-job

A distributed task scheduling framework.（分布式任务调度平台XXL-JOB）

GitHub

30.3K