CVE-2025-51682
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-12-01
Last updated on: 2025-12-04
Assigner: MITRE
Description
Description
mJobtime 15.7.2 handles authorization on the client side, which allows an attacker to modify the client-side code and gain access to administrative features. Additionally, they can craft requests based on the client-side code to call these administrative functions directly.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mjobtime | mjobtime | 15.7.2 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-602 | The product is composed of a server that relies on the client to implement a mechanism that is intended to protect the server. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The vulnerability in mJobtime 15.7.2 is due to authorization being handled on the client side. This allows an attacker to modify the client-side code to gain access to administrative features. They can also craft requests based on the client-side code to directly invoke these administrative functions.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to gain unauthorized administrative access to the application, potentially leading to unauthorized changes, data manipulation, or control over administrative functions.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70