7.7

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-31119

GHSA ID

GHSA-7rmp-3g9f-cvq8

EPSS Score

0.50148%

CWE

CWE-470

Published

4/4/2025

Updated

4/4/2025

KEV Status

Technology

JavaScript

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-31119

CVE-2025-31119: generator-jhipster-entity-audit vulnerable to Unsafe Reflection when having Javers selected as Entity Audit Framework

Summary

CWE-470 (Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') when having Javers selected as Entity Audit Framework

Details

In the following two occurences, user input directly leads to class loading without checking against e.g. a whitelist of allowed classes. This is also known as CWE-470 https://github.com/jhipster/generator-jhipster-entity-audit/blob/e21e83135d10c77d92203c89cb0b0063914e8fe0/generators/spring-boot-javers/templates/src/main/java/package/web/rest/JaversEntityAuditResource.java.ejs#L88 https://github.com/jhipster/generator-jhipster-entity-audit/blob/e21e83135d10c77d92203c89cb0b0063914e8fe0/generators/spring-boot-javers/templates/src/main/java/package/web/rest/JaversEntityAuditResource.java.ejs#L124

So, if an attacker manages to place some malicious classes into the classpath and also has access to these REST interface for calling the mentioned REST endpoints, using these lines of code can lead to unintended remote code execution.

PoC

Place an arbitrary class with the right package name (starting with JHIpster applications path name) and make it available in class path
Gain access to view entity's audit changelogs (Role: ADMIN)
pass in the malicious class name part as entityType (first mentioned part) // qualifiedName (second mentioned occurence)
class gets loaded and static code blocks in there get executed

--> Should be limited to the already existing whitelist of classes (see first method in that mentioned class)

Impact

Remote Code execution. You need to have some access to place malicious classes into the class path and you need to have a user with ADMIN role on the system.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-31119

CVE-2025-31119:

7.7

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-31119

GHSA ID

GHSA-7rmp-3g9f-cvq8

EPSS Score

0.50148%

CWE

CWE-470

Published

4/4/2025

Updated

4/4/2025

KEV Status

Technology

JavaScript

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
generator-jhipster-entity-audit	npm	< 5.9.1	5.9.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability is clearly identified in two REST endpoint methods within the JaversEntityAuditResource class. Both methods use Class.forName() with user-supplied input (entityType and qualifiedName parameters) concatenated with the application's package name. This unsafe reflection allows loading arbitrary classes if an attacker can control these parameters and place malicious classes in the classpath. The functions are marked with high confidence as they are explicitly mentioned in the vulnerability details and the proof-of-concept. Both functions require ADMIN privileges to access, but once accessed, they can be exploited for remote code execution through static initializers in malicious classes.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

7.7

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-31119: generator-jhipster-entity-audit vulnerable to Unsafe Reflection when having Javers selected as Entity Audit Framework

Summary

Details

PoC

Impact

CVE-2025-31119:

7.7

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Technical Details

7.7

7.7

CVE-2025-31119: generator-jhipster-entity-audit vulnerable to Unsafe Reflection when having Javers selected as Entity Audit Framework

Summary

Details

PoC

Impact

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI