CVE-2025-11581

Опубликовано: 10 окт. 2025

Источник: nvd

CVSS3: 5.3

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Ссылки

https://github.com/PowerJob/PowerJob/issues/1128
Issue Tracking
Third Party Advisory
https://vuldb.com/?ctiid.327903
Permissions Required
VDB Entry
https://vuldb.com/?id.327903
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.662558
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:powerjob:powerjob:*:*:*:*:*:*:*:*

Версия до 5.1.2 (включая)

EPSS

Процентиль: 12%

0.00041

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-862

Связанные уязвимости

GHSA-9wq6-87hw-6mhc

CVSS3: 5.3

github

4 месяца назад

PowerJob OpenAPIController is missing authorization

EPSS

Процентиль: 12%

0.00041

Низкий

5.3 Medium

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-862