exploitDog

GHSA-vgw5-6pvc-ccx5

Опубликовано: 15 апр. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class.

An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class.

Ссылки

EPSS

Процентиль: 58%

0.00363

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-269

Связанные уязвимости

CVE-2025-28399

CVSS3: 9.8

nvd

10 месяцев назад

An issue in Erick xmall v.1.1 and before allows a remote attacker to escalate privileges via the updateAddress method of the Address Controller class.

EPSS

Процентиль: 58%

0.00363

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-269