com.xuxueli:xxl-job-admin (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package com.xuxueli:xxl-job-admin, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2023-48089 — CVSS 8.8 (high): xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via /xxl-job-admin/jobcode/save.
CVE-2025-9264 — CVSS 5.4 (medium): A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/j…
CVE-2023-48088 — CVSS 5.4 (medium): xxl-job-admin 2.4.0 is vulnerable to Cross Site Scripting (XSS) via /xxl-job-admin/joblog/logDetailPage.
CVE-2023-48087 — CVSS 5.4 (medium): xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat.
CVE-2025-9263 — CVSS 4.3 (medium): A vulnerability has been found in Xuxueli xxl-job up to 3.1.1. Affected by this vulnerability is the function getJobsByGroup of the file…
CVE-2025-7789 — CVSS 3.7 (low): A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of…
CVE-2026-7303 — CVSS 3.7 (low): A security flaw has been discovered in Xuxueli xxl-job up to 3.3.2. Impacted is the function logDetailCat of the file…