8Şub
CVE-2024-24003 | jshERP 3.3 com.jsh.erp.controller.DepotHeadController findInOutMaterialCount column/order sql injection (Issue 99)
A vulnerability has been found in jshERP 3.3 and classified as critical. Affected by this vulnerability is the functionfindInOutMaterialCount
of the component com.jsh.erp.controller.DepotHeadController. The manipulation of the argument column/order leads to sql injection.
This vulnerability is known as CVE-2024-24003. The attack needs to be done within the local network. There is no exploit available.