silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-

silence-silence/xxl-job-lateral-privilege-escalation-vulnerability-

GitHubGitHub
GitHubgithub.com
Releases0
xxl-job lateral privilege escalation vulnerability
Log in to subscribe

CVE History

CVEPublishedCVSS v3CVSS v2
CVE-2023-33779
8.8 HIGH

A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.