PT-2024-16733 · Unknown · Jinher Network Collaborative Management Platform
Sunyihang · Published 2024-11-10 · Updated 2024-11-15 · CVE-2024-11060
CVSS v2.0: 6.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
Jinher Network Collaborative Management Platform version 1.0
Description
A critical issue has been found in the Jinher Network Collaborative Management Platform. The problem is related to an unknown function of the file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/. Manipulation of the id argument leads to SQL injection. The attack can be launched remotely. The issue has been disclosed to the public and may be used.
Recommendations
For version 1.0, update to the latest release to mitigate risks.
As a temporary workaround, consider restricting access to the vulnerable file /C6/JHSoft.Web.AcceptAip/AcceptShow.aspx/ until a patch is available.
Avoid using the id argument in the affected file until the issue is resolved.
Exploit
Fix
Special Elements Injection
SQL injection
Related Identifiers
Affected Products
Jinher Network Collaborative Management Platform