Incorrect Permission Assignment for Critical Resource

CVE-2023-48087

Medium

5.4/10

xxl-job-admin is vulnerable to Insecure Permissions via "/xxl-job-admin/joblog/clearLog" and "/xxl-job-admin/joblog/logDetailCat".

The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.