3 matches found
CVE-2025-7948
A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the...
CVE-2025-7948 jshERP updatePwd password recovery
A vulnerability classified as problematic was found in jshERP up to 3.5. Affected by this vulnerability is an unknown functionality of the file /jshERP-boot/user/updatePwd. The manipulation leads to weak password recovery. The attack can be launched remotely. The exploit has been disclosed to the...
CVE-2025-7948
CVE-2025-7948 affects jshERP up to version 3.5. The vulnerability is due to a weakness in the handling of the file /jshERP-boot/user/updatePwd, leading to weak password recovery. It can be exploited remotely and the exploit has been publicly disclosed. Affected versions are up to 3.5; remediation...