CVE-2022-29002

A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
References
Link Resource
https://github.com/xuxueli/xxl-job/issues/2821 Exploit Issue Tracking
Configurations

Configuration 1

cpe:2.3:a:xuxueli:xxl-job:2.3.0:*:*:*:*:*:*:*

Information

Published : 2022-05-23 09:16

Updated : 2022-06-07 04:05


NVD link : CVE-2022-29002

Mitre link : CVE-2022-29002

Products Affected
CWE