CVE-2025-8839 – jshERP Remote Authorization Bypass Vulnerability

CVE ID : CVE-2025-8839

Published : Aug. 11, 2025, 9:15 a.m. | 28 minutes ago

Description : A vulnerability was found in jshERP up to 3.5. This issue affects some unknown processing of the file /jshERP-boot/user/addUser of the component Endpoint. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…