A high-severity vulnerability has been discovered in multiple products from the vendor Job, with specific mention of the Job Diary 1 application. Successful exploitation of this flaw could allow a remote attacker to access and manipulate sensitive data within the application, posing a significant risk of a data breach and service disruption. Organizations are urged to apply the vendor-provided security updates immediately to mitigate this threat.

The vulnerability exists due to improper input sanitization within the Job Diary 1 application, leading to a potential SQL injection attack. A remote, unauthenticated attacker could send specially crafted requests to the application's interface. By injecting malicious SQL queries, an attacker could bypass security controls to read, modify, or delete data from the underlying database, potentially leading to unauthorized information disclosure or complete system compromise.

This vulnerability is rated as High severity with a CVSS score of 7.3. Exploitation could have a significant business impact, including the unauthorized access to and exfiltration of sensitive or confidential information stored within the affected applications. Potential consequences include direct financial loss, reputational damage, regulatory fines for non-compliance with data protection standards (e.g., GDPR, CCPA), and loss of customer trust. The specific risk depends on the nature of the data managed by the Job applications, which could range from internal notes to personally identifiable information (PII).

Immediate Action: Apply the security updates provided by the vendor immediately across all affected systems. After patching, verify that the updates have been successfully installed and that the vulnerability is resolved. It is also critical to monitor for any signs of exploitation that may have occurred prior to patching by reviewing relevant access and application logs.

Proactive Monitoring: Implement enhanced monitoring on affected systems. Security teams should look for anomalous activity in web server and application logs, specifically for malformed requests or suspicious SQL syntax indicative of injection attempts. Database logs should be reviewed for unusual or unauthorized queries. Network traffic should be monitored for data exfiltration patterns.

Compensating Controls: If immediate patching is not feasible, implement compensating controls to reduce the risk of exploitation. Deploy a Web Application Firewall (WAF) with rulesets designed to detect and block SQL injection attacks. Restrict network access to the vulnerable application to only trusted IP addresses and enforce the principle of least privilege for database accounts used by the application.

Public Exploit Available: False

Given the high-severity CVSS score of 7.3, this vulnerability presents a significant risk to the organization. We strongly recommend that the vendor-supplied patches be applied as a top priority. Although CVE-2025-7474 is not yet on the CISA KEV list, its public nature means that exploitation could become a reality in the near future. Organizations should treat this as an urgent threat, proceed with the immediate remediation plan, and implement the recommended monitoring and compensating controls to ensure a robust defense-in-depth security posture.