Vulnerability Details CVE-2025-60800
Incorrect access control in the /jshERP-boot/user/info interface of jshERP up to commit 90c411a allows attackers to access sensitive information via a crafted GET request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 18.1%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2025-60800
-
cpe:2.3:a:jishenghua:jsherp:3.3