CVE-2025-51743

CVSS 9.8 CRITICALEPSS 0.4%CWE-502

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /materialCategory/addMaterialCategory endpoint is vulnerable to fastjson deserialization attacks.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Productos afectados

n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://blog.hackpax.top/jsh-erp2/https://gist.github.com/Paxsizy/cd1557aeba8093a8650601c4dbffb6f9 https://gitee.com/jishenghua https://gitee.com/jishenghua/JSH_ERP