CVE-2025-8839 jshERP Endpoint addUser improper authorization

A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may b...

PT-2024-26969 · Kanboard +1 · Kanboard +1

Name of the Vulnerable Software and Affected Versions: Kanboard versions prior to 1.2.37 Description: The issue is related to the Kanban methodology-based project management software, Kanboard. It involves a vulnerability in the addUser function within the ProjectPermissionController.php file...