Description
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.
Remediation
References
https://github.com/KFCFans/PowerJob/issues/99
Related Vulnerabilities
CVE-2022-1438 Vulnerability in maven package org.keycloak:keycloak-services
CVE-2017-9735 Vulnerability in maven package org.eclipse.jetty:jetty-util
CVE-2021-21179 Vulnerability in npm package electron
CVE-2022-25647 Vulnerability in maven package com.google.code.gson:gson
CVE-2022-1243 Vulnerability in maven package org.webjars.npm:urijs