CVE-2026-7670

Name of the Vulnerable Software and Affected Versions Jinher OA version 1.0

Description A remote SQL injection flaw exists in the file '/C6/JHSoft.Web.PlanSummarize/UserSel.aspx'. The issue is triggered by the manipulation of the DeptIDList argument within an unknown function of that file. SQL injection is a technique where an attacker inserts malicious SQL code into a query, potentially allowing them to manipulate the database.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.