CNNVD-202508-922 Information

CNNVD ID

CNNVD-202508-922

Related CVE

CVE-2025-8840

• CNNVD Published: 2025-08-11

Description (Chinese)

jshERP（华夏ERP）是中国季圣华个人开发者的一款国产 ERP 系统。 jshERP（华夏ERP） 3.5及之前版本存在安全漏洞，该漏洞源于文件/jshERP-boot/user/deleteBatch中参数ids处理不当导致授权缺陷。

Description (English)

Jsherp (Wahsha ERP) is a nationally produced ERP system for Chinese personal developers in Zhi Sanhua. The security loophole in the jsherp (Wahushah ERP) 3.5 and earlier versions stems from the mishandling of the parameters ids in the document/jsherp-boot/user/deleteBatch, which resulted in a mandate defect.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-11

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.319374 https://github.com/jishenghua/jshERP/issues/126 https://vuldb.com/?id.319374 https://vuldb.com/?submit.622573 https://vuldb.com/?submit.622621 https://access.redhat.com/security/cve/cve-2025-8840