CVE-2023-26120
CVSS V2 None
CVSS V3 None
Description
This affects all versions of the package com.xuxueli:xxl-job. HTML uploaded payload executed successfully through /xxl-job-admin/user/add and /xxl-job-admin/user/update.
Overview
- CVE ID
- CVE-2023-26120
- Assigner
- report@snyk.io
- Vulnerability Status
- Analyzed
- Published Version
- 2023-04-10T05:15:07
- Last Modified Date
- 2023-04-18T01:36:30
Weakness Enumerations
CPE Configuration (Product)
CPE | Vulnerable | Operator | Version Start | Version End |
---|---|---|---|---|
cpe:2.3:a:xuxueli:xxl-job:*:*:*:*:*:*:*:* | 1 | OR |
References
Reference URL | Reference Tags |
---|---|
https://security.snyk.io/vuln/SNYK-JAVA-COMXUXUELI-3248764 |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-26120 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26120 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2023-04-17 04:25:14 | Added to TrackCVE | |||
2023-04-18 02:00:28 | 2023-04-18T01:36:30 | CVE Modified Date | updated | |
2023-04-18 02:00:28 | Undergoing Analysis | Analyzed | Vulnerability Status | updated |
2023-04-18 02:00:30 | Weakness Enumeration | new | ||
2023-04-18 02:00:33 | CPE Information | updated |