提交 #631704: xuxueli xxl-job ≤ 3.1.1 IDOR信息

标题xuxueli xxl-job ≤ 3.1.1 IDOR
描述In xxl-job versions up to 3.1.1, an Insecure Direct Object Reference (IDOR) vulnerability in /xxl-job-admin/joblog/getJobsByGroup allows authenticated but unauthorized users to access job logs from all groups, resulting in information disclosure.
来源⚠️ https://github.com/xuxueli/xxl-job/issues/3772
用户
 ez-lbz (UID 87033)
提交2025-08-11 05時31分 (9 月前)
管理2025-08-20 16時17分 (9 days later)
状态已接受
VulDB条目320805 [Xuxueli xxl-job 直到 3.1.1 JobLogController.java getJobsByGroup jobGroup 权限提升]
积分16

上一步一览下一步

Do you know our Splunk app?

Download it now for free!