CVE-2025-8839 | jshERP up to 3.5 Endpoint addUser improper authorization (Issue 125)

Inserito da Angelo Barbosa | Ago 10, 2025 | CVE

A vulnerability was found in jshERP up to 3.5. It has been rated as critical. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization.

The identification of this vulnerability is CVE-2025-8839. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2025-8839 | jshERP up to 3.5 Endpoint addUser improper authorization (Issue 125)

Post correlati

CVE-2024-10325 | Elementor Header & Footer Builder Plugin up to 1.6.45 on WordPress SVG File Upload cross site scripting

CVE-2025-22894 | Humming Heads Defense Platform Home Edition up to 3.9.51.x Message shatter

CVE-2024-36676 | BookStack up to 23.10.2 Notification Email denial of service (Issue 4993)

CVE-2024-41656 | getsentry up to 24.7.0 cross site scripting (GHSA-fm88-hc3v-3www)