High severityNVD Advisory· Published May 23, 2022· Updated Aug 3, 2024
CVE-2022-29002
CVE-2022-29002
Description
A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.xuxueli:xxl-jobMaven | <= 2.3.0 | — |
Affected products
2- XXL-Job/XXL-Jobdescription
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-v3c9-w6g2-hjg3ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-29002ghsaADVISORY
- github.com/xuxueli/xxl-job/issues/2821ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.