Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Xuxueli — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting Xuxueli. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Xuxueli is a Chinese video download tool primarily used for capturing online content from various platforms. Historically, it has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its 12 recorded CVEs. The application often requires elevated privileges, increasing potential impact from exploits. Notable security characteristics include its frequent bundling with adware and potentially unwanted programs, which have led to distribution warnings from security vendors. While no major public security incidents have been widely documented, its vulnerability history suggests consistent security challenges in handling untrusted input and managing system permissions.

Top products by Xuxueli: xxl-job xxl-sso
CVE IDTitleCVSSSeverityPublished
CVE-2026-7306 Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key — xxl-jobCWE-321 5.6 Medium2026-04-28
CVE-2026-7305 Xuxueli xxl-job trigger Endpoint XxlJobServiceImpl.java triggerJob server-side request forgery — xxl-jobCWE-918 6.3 Medium2026-04-28
CVE-2026-7303 Xuxueli xxl-job Execution Log JobLogController.java logDetailCat resource injection — xxl-jobCWE-99 3.7 Low2026-04-28
CVE-2026-3733 xuxueli xxl-job JobInfoController.java server-side request forgery — xxl-jobCWE-918 6.3 Medium2026-03-08
CVE-2025-9264 Xuxueli xxl-job Jobs JobInfoController.java remove resource injection — xxl-jobCWE-99 5.4 Medium2025-08-20
CVE-2025-9263 Xuxueli xxl-job JobLogController.java getJobsByGroup resource injection — xxl-jobCWE-99 4.3 Medium2025-08-20
CVE-2025-7789 Xuxueli xxl-job Token Generation IndexController.java makeToken weak password hash — xxl-jobCWE-916 3.7 Low2025-07-18
CVE-2025-7788 Xuxueli xxl-job SampleXxlJob.java commandJobHandler os command injection — xxl-jobCWE-78 6.3 Medium2025-07-18
CVE-2025-7787 Xuxueli xxl-job SampleXxlJob.java httpJobHandler server-side request forgery — xxl-jobCWE-918 6.3 Medium2025-07-18
CVE-2025-6701 Xuxueli xxl-sso doLogin redirect — xxl-ssoCWE-601 3.5 Low2025-06-26
CVE-2025-6700 Xuxueli xxl-sso login cross site scripting — xxl-ssoCWE-79 4.3 Medium2025-06-26
CVE-2024-3366 Xuxueli xxl-job Template JdkSerializeTool.java deserialize injection — xxl-jobCWE-74 3.5 Low2024-04-06

This page lists every published CVE security advisory associated with Xuxueli. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.