CVE-2020-29204

XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java.
References
Link Resource
https://github.com/xuxueli/xxl-job/issues/2083 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:xuxueli:xxl-job:2.2.0:*:*:*:*:*:*:*

Information

Published : 2020-12-27 06:15

Updated : 2020-12-29 06:18


NVD link : CVE-2020-29204

Mitre link : CVE-2020-29204

Products Affected
CWE