CVE-2020-24922

Published August 11th, 2023

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file.

xuxueli/xxl-job

A distributed task scheduling framework.（分布式任务调度平台XXL-JOB）

GitHub

30.3K