High severityNVD Advisory· Published Aug 11, 2023· Updated Oct 9, 2024
CVE-2020-24922
CVE-2020-24922
Description
Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0, allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.xuxueli:xxl-jobMaven | <= 2.2.0 | — |
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-jp5r-4x9q-4vcfghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-24922ghsaADVISORY
- github.com/xuxueli/xxl-job/issues/1921ghsaWEB
News mentions
0No linked articles in our index yet.