Description
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.
Remediation
References
https://github.com/KFCFans/PowerJob/issues/99
Related Vulnerabilities
CVE-2021-23378 Vulnerability in npm package picotts
CVE-2021-27905 Vulnerability in maven package org.apache.solr:solr-core
CVE-2023-28867 Vulnerability in maven package com.graphql-java:graphql-java
CVE-2021-4279 Vulnerability in maven package org.webjars.npm:fast-json-patch
CVE-2022-36527 Vulnerability in maven package com.jflyfox:jflyfox_jfinal