Jishenghua JSH_ERP Fastjson Deserialization Vulnerability in Role Management Endpoint

Vulnerability

A Fastjson deserialization vulnerability has been identified in Jishenghua JSH_ERP version 2.3.1. The issue is in the role management endpoint '/role/addcan', where improper handling of data allows malicious payloads to be processed, potentially leading to unauthorized actions or data manipulation.

Impact

Exploitation of this vulnerability could result in remote code execution on the server where JSH_ERP is hosted.
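
A detection sketch for the endpoint described above, added here as an example and not taken from the advisory or the JSH_ERP project: it flags requests to '/role/addcan' whose JSON carries Fastjson's `@type` type-hint key, parsing the JSON so that escaped or URL-encoded forms of the key are still seen. The record layout, the sample requests, the `info` parameter and the class name are constructed assumptions.

```python
import json
from urllib.parse import parse_qsl, urlsplit

ENDPOINT = "/role/addcan"   # endpoint named in the advisory
AUTOTYPE_KEY = "@type"      # Fastjson's type-hint key


def has_autotype(node):
    """True if any object key in the parsed JSON tree is '@type'."""
    if isinstance(node, dict):
        return AUTOTYPE_KEY in node or any(has_autotype(v) for v in node.values())
    if isinstance(node, list):
        return any(has_autotype(v) for v in node)
    return False


def candidate_json(body):
    """Yield JSON documents from a raw JSON body or from form-encoded values."""
    texts = [body] + [v for _, v in parse_qsl(body, keep_blank_values=True)]
    for text in texts:
        try:
            yield json.loads(text)
        except ValueError:
            continue  # not strict JSON: skipped, not flagged


def flag_requests(records):
    """Return ids of records that hit the endpoint and contain an '@type' key."""
    hits = []
    for rec in records:
        # endswith() tolerates a deployment context path in front of the route
        if not urlsplit(rec["url"]).path.endswith(ENDPOINT):
            continue
        if any(has_autotype(doc) for doc in candidate_json(rec["body"])):
            hits.append(rec["id"])
    return hits


# Constructed sample records (not captured traffic); the class name is a placeholder.
SAMPLE = [
    {"id": 1, "url": "/role/addcan", "body": "info=%7B%22name%22%3A%22clerk%22%7D"},
    {"id": 2, "url": "/role/addcan", "body": "info=%7B%22%40type%22%3A%22example.Placeholder%22%7D"},
    {"id": 3, "url": "/app/role/addcan?x=1", "body": '{"a":[{"\\u0040type":"example.Placeholder"}]}'},
    {"id": 4, "url": "/user/list", "body": '{"@type":"example.Placeholder"}'},
]

if __name__ == "__main__":
    print(flag_requests(SAMPLE))
```

Values that do not parse as strict JSON are skipped rather than flagged, so a hit is one signal for review and a clean result is not proof of absence.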

Added: Nov 25, 2025, 9:20 PM
Updated: Nov 25, 2025, 10:22 PM