Yaozhang

**Name of the Vulnerable Software and Affected Versions** Shenzhen Sixun Software Sixun Shanghui Group Business Management System version 7 **Description** A problematic issue has been found in the Reset Password Interface component, specifically affecting the file /WebPages/Adm/OperatorStop.asp. The manipulation of the `OperId` argument leads to improper authorization, allowing for remote attacks. The complexity of an attack is rather high, and the exploitation is known to be difficult. **Recommendations** For Shenzhen Sixun Software Sixun Shanghui Group Business Management System version 7, as a temporary workaround, consider restricting access to the Reset Password Interface or disabling the `OperId` argument manipulation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.