VYPR

Maven package

com.xuxueli/xxl-conf-admin

pkg:maven/com.xuxueli/xxl-conf-admin

Vulnerabilities (1)

  • CVE-2018-20094HigDec 12, 2018
    affected <= 1.6.0

    An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java.