PT-2026-24475 · Sylius · Sylius
Rokorolov
Published 2026-03-10 · Updated 2026-03-11
CVE-2026-31821
CVSS v4.0: 6.9 (Medium)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions
Sylius versions prior to 2.0.16
Sylius versions prior to 2.1.12
Sylius versions prior to 2.2.3
Description
The POST /api/v2/shop/orders/{tokenValue}/items endpoint in Sylius does not verify cart ownership. An unauthenticated attacker who knows a cart's tokenValue can therefore add arbitrary items to another registered customer's cart. The endpoint returns the full cart representation in the response (HTTP 201).
Recommendations
Update to Sylius version 2.0.16 or later.
Update to Sylius version 2.1.12 or later.
Update to Sylius version 2.2.3 or later.
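The defect described above is a missing authorization check: possession of the cart token is treated as proof of ownership. The following PHP snippet is an added illustration written for this advisory, not Sylius code; the classes Cart and Requester and the function assertCartAccess are assumptions chosen for the example. It shows the decision a cart-mutation endpoint should make before applying a change: a guest cart (no owner) remains reachable by its token, while a cart owned by a registered customer may only be modified by that customer.

```php
<?php
// Added example for this advisory, not Sylius code. Cart, Requester and
// assertCartAccess are hypothetical names used only for illustration.
declare(strict_types=1);

final class Cart
{
    public function __construct(
        public readonly string $tokenValue,
        public readonly ?int $customerId, // null means a guest (unowned) cart
    ) {}
}

final class Requester
{
    public function __construct(
        public readonly ?int $customerId, // null means an unauthenticated caller
    ) {}
}

final class CartAccessDenied extends RuntimeException {}

/**
 * Allow the mutation only when the cart is unowned, or when the caller is the
 * cart's owner. Knowing the tokenValue alone is never sufficient for an owned cart.
 */
function assertCartAccess(Cart $cart, Requester $requester): void
{
    if ($cart->customerId === null) {
        return; // guest cart: the token is its only handle, nothing more to check
    }
    if ($requester->customerId === null || $requester->customerId !== $cart->customerId) {
        // Answer as if the cart did not exist, so the response does not confirm
        // that a guessed token is valid.
        throw new CartAccessDenied('Cart not found');
    }
}

// Constructed sample data: one owned cart, one guest cart, several callers.
$ownedCart = new Cart('tok-owned-example', 42);
$guestCart = new Cart('tok-guest-example', null);

$cases = [
    [$ownedCart, new Requester(42)],   // owner: allowed
    [$ownedCart, new Requester(null)], // anonymous caller with the token: denied
    [$ownedCart, new Requester(7)],    // different customer: denied
    [$guestCart, new Requester(null)], // guest cart by token: allowed
];

foreach ($cases as [$cart, $who]) {
    $caller = $who->customerId === null ? 'anonymous' : "customer {$who->customerId}";
    try {
        assertCartAccess($cart, $who);
        echo "allow  {$cart->tokenValue} for {$caller}" . PHP_EOL;
    } catch (CartAccessDenied $e) {
        echo "deny   {$cart->tokenValue} for {$caller}" . PHP_EOL;
    }
}
```

Raising a not-found error rather than a forbidden error on the denied path is a deliberate choice: a distinct 403 would tell an anonymous caller that the token they hold refers to a real, owned cart. The check must run before the item is added, and the same rule applies to every other endpoint that mutates or reads a cart by token.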
Exploit
Fix
Weakness Enumeration
Missing Authorization
Related identifiers
Affected products
Sylius