CRITICAL
xxl-job-admin
CVE published 2026-07-15
CVE-2026-26718
A Cross-Site Request Forgery (CSRF) vulnerability exists in the xxl-job-admin web application v.3.0.0, allowing unauthorized modifications to Glue IDE shell scripts due to a lack of proper CSRF token validation and permissive request mapping. The affected endpoint's vulnerability could lead to significant security breaches if exploited, emphasizing the need for prompt patching and additional security meas [truncated]