Zurück zur CVE-Übersicht
CVE-2025-55367
MEDIUM(5.3)CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Risk Signal Score13/100 — NIEDRIG
- CVSS 5.3 — Mittel
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
5.3
Technische Schwere
Beschreibung
Incorrect access control in the component \controller\SupplierController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account.