GHSA-3w8r-3jh9-89v9
First published: Wed Nov 15 2023(Updated: )
xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/com.xuxueli:xxl-job-admin | <=2.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of GHSA-3w8r-3jh9-89v9?
The severity of GHSA-3w8r-3jh9-89v9 is medium with a severity value of 5.4.
What software version is affected by GHSA-3w8r-3jh9-89v9?
The software version affected by GHSA-3w8r-3jh9-89v9 is xxl-job-admin 2.4.0.
What is the vulnerability description of GHSA-3w8r-3jh9-89v9?
GHSA-3w8r-3jh9-89v9 is a vulnerability in xxl-job-admin 2.4.0 that allows insecure permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.
Is there a fix available for GHSA-3w8r-3jh9-89v9?
Yes, there is a fix available for GHSA-3w8r-3jh9-89v9. It is recommended to update to a version that addresses the vulnerability.
Where can I find more information about GHSA-3w8r-3jh9-89v9?
More information about GHSA-3w8r-3jh9-89v9 can be found in the references provided: [link1], [link2], [link3].
- collector/github-advisory-latest
- alias/GHSA-3w8r-3jh9-89v9
- alias/CVE-2023-48087
- package-manager/maven