Missing Authorization Vulnerability in JoomSky JS Job Manager Affects Security Levels
CVE-2025-31868
5.3MEDIUM
Summary
A missing authorization vulnerability in JoomSky JS Job Manager allows attackers to exploit incorrectly configured access control security levels. This issue affects versions from n/a up to and including 2.0.2, potentially exposing sensitive information or allowing unauthorized actions within the application. It is crucial for users to address this vulnerability to maintain the integrity of their security measures.
Affected Version(s)
JS Job Manager <= 2.0.2
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
LVT-tholv2k (Patchstack Alliance)