Home
Description
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /materialCategory/addMaterialCategory endpoint is vulnerable to fastjson deserialization attacks.
References
gist.github.com/Paxsizy/cd1557aeba8093a8650601c4dbffb6f9
