Filtered by vendor Xuxueli
Subscriptions
Filtered by product Xxl-api
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-60645 | 1 Xuxueli | 1 Xxl-api | 2025-12-03 | 6.5 Medium |
| A Cross-Site Request Forgery (CSRF) in xxl-api v1.3.0 allows attackers to arbitrarily add users to the management module via a crafted GET request. | ||||
| CVE-2025-60646 | 1 Xuxueli | 1 Xxl-api | 2025-12-03 | 6.1 Medium |
| A stored cross-site scripting (XSS) in the Business Line Management module of Xxl-api v1.3.0 attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter. | ||||
Page 1 of 1.