Description
A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2023-1516 | A lateral privilege escalation vulnerability in XXL-Job v2.4.1 allows users to execute arbitrary commands on another user's account via a crafted POST request to the component /jobinfo/. |
Github GHSA |
GHSA-9mmj-64jh-ph9c | Privilege escalation in XXL-Job |
References
History
Tue, 14 Jan 2025 20:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-863 | |
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-05T00:21:22.596Z
Reserved: 2023-05-22T00:00:00.000Z
Link: CVE-2023-33779
Updated: 2024-08-02T15:47:06.683Z
Status : Modified
Published: 2023-05-26T17:15:18.153
Modified: 2026-06-17T06:02:16.670
Link: CVE-2023-33779
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-863
Incorrect Authorization
- NVD-CWE-noinfo
EUVD
Github GHSA