Описание
TastyIgniter Has an Incorrect Access Control Vulnerability via invoice() Function
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.
Пакеты
Наименование
tastyigniter/tastyigniter
composer
Затронутые версииВерсия исправления
< 4.0.0
4.0.0
Связанные уязвимости
CVSS3: 8.1
nvd
11 месяцев назад
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.