CVE-2023-29922

MEDIUM NUCLEI

Powerjob - Improper Access Control

Title source: rule

Description

PowerJob V4.3.1 is vulnerable to Incorrect Access Control via the create user/save interface.

Exploits (1)

nomisec SCANNER
by CN016 · poc
https://github.com/CN016/Powerjob-CVE-2023-29922-

Nuclei Templates (1)

PowerJob V4.3.1 - Authentication Bypass
MEDIUMVERIFIEDby Co5mos
Shodan: html:"PowerJob" || http.html:"powerjob"
FOFA: app="PowerJob" || app="powerjob" || body="powerjob"

References (1)

Scores

CVSS v3 5.3
EPSS 0.9119
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-284
Status published
Products (2)
powerjob/powerjob 4.3.1
tech.powerjob/powerjob 0Maven
Published Apr 19, 2023
Tracked Since Feb 18, 2026