CVE-2025-7788

Severity CVSS v4.0:
MEDIUM
Type:
CWE-77 Command Injection
Publication date:
18/07/2025
Last modified:
22/07/2025

Description

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical. Affected by this vulnerability is the function commandJobHandler of the file src\main\java\com\xxl\job\executor\service\jobhandler\SampleXxlJob.java. The manipulation leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.