Zurück zur CVE-Übersicht
CVE-2025-55370
HIGH(8.8)CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Risk Signal Score22/100 — NIEDRIG
- CVSS 8.8 — Hoch
EPSS-Score
0%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
8.8
Technische Schwere
Beschreibung
Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value.