Описание
Business Logic Errors in microweber/microweber
A vulnerability has been identified in microweber where users can purchase items with a coupon code. If the admin disables the use of the coupon code functionality, but the user sends requests to the API that handles the coupon code, the user can exploit the vulnerability and obtain items at a lower price.
Пакеты
Наименование
microweber/microweber
composer
Затронутые версииВерсия исправления
< 2.0.0
2.0.0
Связанные уязвимости
CVSS3: 4.3
nvd
около 2 лет назад
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0.