Опубликовано: 10 окт. 2025
Источник: github
Github: Прошло ревью
CVSS4: 5.5
CVSS3: 5.3
Описание
PowerJob OpenAPIController is missing authorization
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
Пакеты
Наименование
tech.powerjob:powerjob-server-starter
maven
Затронутые версииВерсия исправления
<= 5.1.2
Отсутствует
Связанные уязвимости
CVSS3: 5.3
nvd
4 месяца назад
A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.