| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.xuxueli:xxl-job-admin | maven | <= 2.4.0 | |
The XSS vulnerability manifests when user-controlled log content (containing HTML/JS) is displayed without proper escaping. The endpoint `/joblog/logDetailPage` is explicitly called out as the attack vector, and the reproduction steps show stored XSS via log files. The controller handling this endpoint is the logical location where unsanitized log data would be retrieved and passed to the view layer without adequate output encoding.
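
The missing output encoding described above, shown beside a hardened form. This is an added example, not XXL-JOB's code: the class and method names (`LogViewEscaping`, `escapeHtml`, `renderUnescaped`, `renderEscaped`) are hypothetical, and the log lines are constructed sample data.

```java
import java.util.List;

// Added example; none of these names are XXL-JOB identifiers.
public class LogViewEscaping {

    // Encode the characters that let text break out of an HTML text node or attribute value.
    static String escapeHtml(String s) {
        if (s == null) return "";
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&': out.append("&amp;"); break;
                case '<': out.append("&lt;"); break;
                case '>': out.append("&gt;"); break;
                case '"': out.append("&quot;"); break;
                case '\'': out.append("&#39;"); break;
                default: out.append(c);
            }
        }
        return out.toString();
    }

    // Unsafe: log lines are concatenated into markup as-is, so markup stored in a log becomes live markup.
    static String renderUnescaped(List<String> logLines) {
        return "<pre>" + String.join("\n", logLines) + "</pre>";
    }

    // Hardened: each line is encoded at the point of output; the stored log file is left untouched.
    static String renderEscaped(List<String> logLines) {
        StringBuilder html = new StringBuilder("<pre>");
        for (String line : logLines) {
            html.append(escapeHtml(line)).append('\n');
        }
        return html.append("</pre>").toString();
    }

    public static void main(String[] args) {
        // Constructed sample log content; the second line carries a benign marker element.
        List<String> log = List.of(
            "2024-01-01 10:00:00 job started",
            "2024-01-01 10:00:01 param=<b data-x=\"1\">marker</b> & done");
        System.out.println(renderUnescaped(log)); // the <b> element reaches the page as markup
        System.out.println(renderEscaped(log));   // the same bytes reach the page as visible text
    }
}
```

Encoding at render time rather than when the log is written keeps the stored log faithful for forensics and covers log files that were written before the fix.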