CVE-2020-24922 Information

Description

Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0 allows remote attackers to execute arbitrary code and esclate privileges via crafted .html file.

Reference

https://github.com/xuxueli/xxl-job/issues/1921