exploitDog

GHSA-j97j-gq6f-fjfg

Опубликовано: 22 нояб. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.

Ссылки

EPSS

Процентиль: 43%

0.00207

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2023-47392

CVSS3: 5.3

nvd

около 2 лет назад

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.

EPSS

Процентиль: 43%

0.00207

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-200