Insecure Permissions in XXL-JOB: Execution of Admin Functions with Low Privilege Account

Insecure Permissions in XXL-JOB: Execution of Admin Functions with Low Privilege Account

CVE-2022-36157 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

XXL-JOB all versions as of 11 July 2022 are vulnerable to Insecure Permissions resulting in the ability to execute admin function with low Privilege account.

Learn more about our Web Application Penetration Testing UK.