Vulnerabilities > Xuxueli > XXL JOB > 2.4.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-08 | CVE-2024-24113 | Server-Side Request Forgery (SSRF) vulnerability in Xuxueli Xxl-Job xxl-job =< 2.4.1 has a Server-Side Request Forgery (SSRF) vulnerability, which causes low-privileged users to control executor to RCE. | 8.8 |
| 2023-05-26 | CVE-2023-33779 | Unspecified vulnerability in Xuxueli Xxl-Job 2.4.1 A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/. | 8.8 |