CVE-2025-55371 | jshERP 3.5 PersonController.java getAllList access control

Inserito da Angelo Barbosa | Ago 21, 2025 | CVE

A vulnerability marked as critical has been reported in jshERP 3.5. This affects the function getAllList of the file /controller/PersonController.java. The manipulation leads to improper access controls.

This vulnerability is listed as CVE-2025-55371. The attack may be initiated remotely. There is no available exploit.

CVE-2025-55371 | jshERP 3.5 PersonController.java getAllList access control

Post correlati

CVE-2024-7382 | Linkify Text Plugin up to 1.9.1 on WordPress information disclosure

CVE-2025-24565 | Saleswonder Team Tobias WP2LEADS Plugin up to 3.3.3 on WordPress cross site scripting

CVE-2024-2200 | BestWebSoft Contact Form Plugin up to 4.2.8 on WordPress cntctfrm_contact_subject cross site scripting

CVE-2025-20902 | Samsung Media Controller prior 1.0.24.5282 improper export of android application components