CVE-2022-29002

Published May 23rd, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.8

MEDIUM

Affected

PROJECT

Description

A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.

xuxueli/xxl-job

A distributed task scheduling framework.（分布式任务调度平台XXL-JOB）

GitHub

30.3K