CVE-2025-62795 | JumpServer up to 3.10.20-lts/4.10.11-lts WebSocket Endpoint /ws/ldap/ authorization (GHSA-7893-256)

A vulnerability labeled as critical has been found in JumpServer up to 3.10.20-lts/4.10.11-lts. Affected by this issue is some unknown functionality of the file /ws/ldap/ of the component WebSocket Endpoint. The manipulation results in incorrect authorization.

This vulnerability is identified as CVE-2025-62795. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.VulDB Recent EntriesRead More