CVE-2025-31119 - JHipster Entity Audit Remote Code Execution (RCE)

17 hours ago 3

ARTICLE AD BOX

CVE ID : CVE-2025-31119
Published : April 3, 2025, 8:15 p.m. | 42 minutes ago
Description : generator-jhipster-entity-audit is a JHipster module to enable entity audit and audit log page. Prior to 5.9.1, generator-jhipster-entity-audit allows unsafe reflection when having Javers selected as Entity Audit Framework. If an attacker manages to place some malicious classes into the classpath and also has access to these REST interface for calling the mentioned REST endpoints, using these lines of code can lead to unintended remote code execution. This vulnerability is fixed in 5.9.1.
Severity: 7.6 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Read Entire Article

CVE-2025-31119 - JHipster Entity Audit Remote Code Execution (RCE)

ARTICLE AD BOX

Related

CVE-2025-3245 - iSourcecode Library Management System SQL In...

CVE-2025-3244 - SourceCodester Web-based Pharmacy Product Ma...

CVE-2025-3243 - Code-projects Patient Record Management Syst...

Trending

Popular

CVE-2024-6343 - Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W...

CVE-2024-45288 - Apache Nevow Buffer Overflow Vulnerability

CVE-2024-5053 - Fluent Forms Mailchimp API Key Update Weakne...

CVE-2024-8367 - HM Courts & Tribunals Service Probate Back O...

CVE-2025-23218 - WeGIA SQL Injection Vulnerability