The vulnerability identified as CVE-2025-13811 affects jsnjfz WebStack-Guns version 1.0, specifically in the source code file src/main/java/com/jsnjfz/manage/core/common/constant/factory/PageFactory.java. The flaw is an SQL injection caused by improper sanitization or validation of the 'sort' parameter, which is used in constructing SQL queries. An attacker can remotely send crafted input to this parameter, leading to injection of arbitrary SQL commands. This can result in unauthorized data access, modification, or potentially data destruction depending on the database privileges. The vulnerability does not require authentication or user interaction, increasing its risk profile. The vendor was informed early but has not issued a patch or mitigation guidance. The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:L, meaning low privileges needed), no user interaction (UI:N), and low impact on confidentiality, integrity, and availability (VC:L, VI:L, VA:L). The exploitability is partially confirmed (E:P), but no active exploitation has been reported. The lack of vendor response and public disclosure increases the urgency for users to apply their own mitigations.

For European organizations, the impact of this vulnerability can be significant if they deploy jsnjfz WebStack-Guns 1.0 in their web infrastructure. Successful exploitation could lead to unauthorized access to sensitive data stored in backend databases, including customer information, internal records, or intellectual property. Data integrity could be compromised by unauthorized modifications, and availability might be affected if attackers execute destructive queries. Given the remote exploitability without authentication, attackers can operate from anywhere, increasing the threat surface. Organizations in sectors with strict data protection regulations such as GDPR could face compliance violations and reputational damage if breaches occur. The medium severity score reflects that while the impact is not catastrophic, it is still serious enough to warrant prompt attention, especially in environments where the software is exposed to the internet.

Since no official patch or vendor guidance is available, European organizations should implement immediate compensating controls. First, apply strict input validation and sanitization on the 'sort' parameter at the application or web server level to block malicious payloads. Employ Web Application Firewalls (WAFs) with custom rules to detect and block SQL injection patterns targeting this parameter. Restrict database user permissions to the minimum necessary to limit the impact of any injection. Monitor logs for unusual query patterns or errors indicative of injection attempts. If possible, isolate or segment systems running WebStack-Guns to reduce exposure. Consider replacing or upgrading the software if feasible. Additionally, conduct security audits and penetration testing focused on SQL injection vectors. Maintain heightened monitoring for any signs of exploitation and prepare incident response plans accordingly.