Security Advisory

CVE-2025-67341

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-12 00:00:00

Last updated 2025-12-12 19:25:06

Assigner mitre

State PUBLISHED

Description

jshERP versions 3.5 and earlier are affected by a stored XSS vulnerability. This vulnerability allows attackers to upload PDF files containing XSS payloads. Additionally, these PDF files can be accessed via static URLs, making them accessible to all users.

← Browse all CVEs View on cve.org ↗