CVE-2025-7787 – Xuxueli xxl-job Server-Side Request Forgery (SSRF) Vulnerability

July 18, 2025

CVE ID : CVE-2025-7787

Published : July 18, 2025, 3:15 p.m. | 2 hours, 3 minutes ago

Description : A vulnerability, which was classified as critical, was found in Xuxueli xxl-job up to 3.1.1. Affected is the function httpJobHandler of the file srcmainjavacomxxljobexecutorservicejobhandlerSampleXxlJob.java. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-53888 – RIOT-OS L2FILTER Add Buffer Overflow

Next Article CVE-2025-7788 – Xuxueli xxl-job OS Command Injection

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2025-7787 – Xuxueli xxl-job Server-Side Request Forgery (SSRF) Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

CVE-2025-38087 – Linux Kernel Taprio Use-After-Free Vulnerability

Bragg Gaming Group Confirms Cyberattack, Says No Customer Data Impacted

Microsoft and Databricks extend partnership to boost AI innovation on Azure

How to Set Your Primary Monitor (Without Wanting to Throw Your Mouse)

Trend Micro fixes critical vulnerabilities in multiple products

Windows AppData Folder: What It Does and How to Free Up Space

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

Public exploits released for CitrixBleed 2 NetScaler flaw, patch now

CVE-2025-7787 – Xuxueli xxl-job Server-Side Request Forgery (SSRF) Vulnerability

Related Posts