exploitDog

GHSA-q7fw-jpjh-xmmm

Опубликовано: 28 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request.

Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request.

Ссылки

EPSS

Процентиль: 19%

0.0006

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284

Связанные уязвимости

CVE-2025-60800

CVSS3: 7.5

nvd

3 месяца назад

Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request.

EPSS

Процентиль: 19%

0.0006

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-284