PT-2025-34168 · Xuxueli · Xxl-Job

Ez-Lbz · Published 2025-08-20 · Updated 2025-08-21 · CVE-2025-9263

CVSS v3.1: 4.3 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Xuxueli xxl-job versions up to 3.1.1
Description: A vulnerability exists in the getJobsByGroup function located in the /src/main/java/com/xxl/job/admin/controller/JobLogController.java file. Manipulation of the jobGroup argument results in improper control of resource identifiers, potentially allowing for remote exploitation. The exploit has been publicly disclosed and may be used.
Recommendations: Versions prior to 3.1.1 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

IDOR

Weakness Enumeration

Related Identifiers

CVE-2025-9263
GHSA-6RQ7-M52P-8PQG

Affected Products

Xxl-Job