SecBoard
Zurück zur CVE-Übersicht

CVE-2025-55370

HIGH(8.8)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Risk Signal Score22/100 — NIEDRIG
  • CVSS 8.8 — Hoch

EPSS-Score

0%

Exploit-Wahrscheinlichkeit (30 Tage)

CVSS Score

8.8

Technische Schwere

Beschreibung

Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value.

Referenzen