5 matches found
CVE-2025-67344
jshERP v3.5 and earlier is affected by a stored Cross Site Scripting XSS vulnerability via the /msg/add endpoint...
CVE-2025-67344
jshERP v3.5 and earlier is affected by a stored Cross Site Scripting XSS vulnerability via the /msg/add endpoint...
jshERP 安全漏洞
jshERP Huaxia ERP is a homegrown ERP system by the individual developer of China's Ji Sheng Hua. A security vulnerability exists in jshERP v3.5 and earlier versions, which stems from a stored cross-site scripting vulnerability in the /msg/add endpoint...
PT-2025-50955
Name of the Vulnerable Software and Affected Versions jshERP versions prior to 3.5 Description The software is susceptible to a stored Cross Site Scripting XSS issue. The vulnerability exists through the /msg/add API endpoint. An attacker could potentially inject malicious scripts that are then...
CVE-2025-67344
jshERP v3.5 and earlier is affected by a stored Cross Site Scripting XSS vulnerability via the /msg/add endpoint...