SecBoard
Zurück zur CVE-Übersicht

CVE-2025-55368

HIGH(8.8)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Risk Signal Score22/100 — NIEDRIG
  • CVSS 8.8 — Hoch

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

8.8

Technische Schwere

Beschreibung

Incorrect access control in the component \controller\RoleController.java of jshERP v3.5 allows unauthorized attackers to arbitrarily modify the supplier status under any account.

Referenzen