Количество 2
Количество 2
CVE-2022-34768
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
GHSA-j394-f827-96m2
Supersmart.me - Walk Through Performing unauthorized actions on other customers. Supersmart.me has a product designed to conduct smart shopping in stores. The customer receives a coder (or using an Android application) to scan at the beginning of the purchase the QR CODE on the cart, and then all the products he wants to purchase. At the end of the purchase the customer can pay independently. During the research it was discovered that it is possible to reset another customer's cart without verification. Because the number of purchases is serial.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-34768 insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code. | CVSS3: 6.5 | 0% Низкий | больше 3 лет назад |
| GHSA-j394-f827-96m2 Supersmart.me - Walk Through Performing unauthorized actions on other customers. Supersmart.me has a product designed to conduct smart shopping in stores. The customer receives a coder (or using an Android application) to scan at the beginning of the purchase the QR CODE on the cart, and then all the products he wants to purchase. At the end of the purchase the customer can pay independently. During the research it was discovered that it is possible to reset another customer's cart without verification. Because the number of purchases is serial. | CVSS3: 7.5 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу