CVE-2025-7789 | Xuxueli xxl-job up to 3.1.1 Token Generation IndexController.java makeToken weak password hash (Issue 3751)

Inserito da Angelo Barbosa | Lug 18, 2025 | CVE

A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classified as problematic. Affected by this issue is the function makeToken of the file src/main/java/com/xxl/job/admin/controller/IndexController.java of the component Token Generation. The manipulation leads to password hash with insufficient computational effort.

This vulnerability is handled as CVE-2025-7789. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-7789 | Xuxueli xxl-job up to 3.1.1 Token Generation IndexController.java makeToken weak password hash (Issue 3751)

Post correlati

CVE-2024-9294 | dingfanzu CMS up to 29d67d9044f6f93378e6eb6ff92272217ff7225c saveNewPwd.php username sql injection

CVE-2024-10609 | itsourcecode Tailoring Management System Project 1.0 typeadd.php sex sql injection

CVE-2024-30675 | ROS ROS2 Iron Irwini Node injection

CVE-2025-32404 | RT-Labs P-Net up to 1.0.1 RPC Packet out-of-bounds write