Описание
A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may be initiated remotely.
EPSS
Процентиль: 8%
0.00029
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-840
Связанные уязвимости
CVSS3: 4.3
github
18 дней назад
A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may be initiated remotely.
EPSS
Процентиль: 8%
0.00029
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-840