CVE-2025-60801

Alias:

Overview

jshERP up to commit fbda24da was discovered to contain an unauthenticated remote code execution (RCE) vulnerability via the jsh_erp function.

Critical

Low

Medium

No items found.

Severity / CVSS Score: (Critical)

CWE:

Discovery date: October 24, 2025

Authentication required: NoneYes

Attack Vector: None