exploitDog

GHSA-hqg2-5gxq-fjhc

Опубликовано: 21 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value.

Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value.

Ссылки

EPSS

Процентиль: 17%

0.00053

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-639

Связанные уязвимости

CVE-2025-55370

CVSS3: 8.8

nvd

6 месяцев назад

Incorrect access control in the component \controller\ResourceController.java of jshERP v3.5 allows unauthorized attackers to obtain all the corresponding ID data by modifying the ID value.

EPSS

Процентиль: 17%

0.00053

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-639