A vulnerability classified as problematic has been found in Huaxia ERP up to 3.1. Affected is an unknown function of the file src/main/java/com/jsh/erp/controller/UserController.java. The manipulation leads to weak password recovery.
This vulnerability is traded as CVE-2024-0491. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.