PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A command execution vulnerability exists in PowerJob version 4.3.3, which stems from the parameter instanceId of /instance/detail failing to properly filter constructor command special characters, commands, and so on. An attacker could use this vulnerability to cause arbitrary command execution.
CPE | Name | Operator | Version |
---|---|---|---|
powerjob powerjob | eq | 4.3.3 |