| عنوان | xuxueli xxl-job ≤ 3.1.1 IDOR |
|---|
| الوصف | In xxl-job versions up to 3.1.1, an Insecure Direct Object Reference (IDOR) vulnerability allows authenticated but unauthorized users to delete jobs they do not have permission to manage in /xxl-job-admin/jobinfo/remove, resulting in privilege escalation and unauthorized operations. |
|---|
| المصدر | ⚠️ https://github.com/xuxueli/xxl-job/issues/3773 |
|---|
| المستخدم | ez-lbz (UID 87033) |
|---|
| ارسال | 11/08/2025 06:13 AM (9 أشهر منذ) |
|---|
| الاعتدال | 20/08/2025 04:17 PM (9 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 320806 [Xuxueli xxl-job حتى 3.1.1 Jobs JobInfoController.java remove معرف تجاوز الصلاحيات] |
|---|
| النقاط | 17 |
|---|