Zurück zur CVE-Übersicht
CVE-2026-26718
NONERisk Signal Score10/100 — NIEDRIG
- Weniger als 24 Stunden alt
Beschreibung
A Cross-Site Request Forgery (CSRF) vulnerability exists in the xxl-job-admin web application v.3.0.0 that allows an attacker to perform unauthorized modifications to Glue IDE shell scripts. The affected endpoint lacks proper CSRF token validation and accepts arbitrary HTTP methods via a permissive request mapping