CVE-2026-7303 | Xuxueli xxl-job up to 3.3.2 Execution Log JobLogController.java logDetailCat logId resource injection (Issue 3936)

Inserito da Angelo Barbosa | Apr 28, 2026 | CVE

A vulnerability was found in Xuxueli xxl-job up to 3.3.2 and classified as problematic. Impacted is the function logDetailCat of the file xxl-job-admin/src/main/java/com/xxl/job/admin/controller/biz/JobLogController.java of the component Execution Log Handler. The manipulation of the argument logId results in improper control of resource identifiers.

This vulnerability was named CVE-2026-7303. The attack may be performed from remote. In addition, an exploit is available.

It is suggested to upgrade the affected component.

CVE-2026-7303 | Xuxueli xxl-job up to 3.3.2 Execution Log JobLogController.java logDetailCat logId resource injection (Issue 3936)

Post correlati

CVE-2025-2051 | PHPGurukul Apartment Visitors Management System 1.0 /search-visitor.php searchdata sql injection

CVE-2024-53962 | Adobe Experience Manager up to 6.5.21 Form Field cross site scripting (apsb24-69)

CVE-2024-30094 | Microsoft Windows up to Server 2022 23H2 Routing/Remote Access Service heap-based overflow

CVE-2024-54840 | CyberArk Access Manager Self-Hosted up to 14.3 PVWA Host injection