logo

Database

Improper authorization control for web services In tech.powerjob:powerjob-server-starter

Description

PowerJob OpenAPIController is missing authorization A security vulnerability has been detected in PowerJob up to 5.1.2. This vulnerability affects unknown code of the file /openApi/runJob of the component OpenAPIController. Such manipulation leads to missing authorization. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. CVE-2025-115812. NVD-2025-115813. OSV-2025-115814. GCVE-2025-11581

References

1. https://github.com/PowerJob/PowerJob/issues/1128

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.