CVE-2023-2713

Name of the Vulnerable Software and Affected Versions Rental Module versions prior to 23.05.15

Description The issue is related to an Authorization Bypass Through User-Controlled Key vulnerability in the Rental Module, which allows for Authentication Abuse and Authentication Bypass. This vulnerability affects the Rental Module developed by a third-party for Ideasoft's E-commerce Platform.

Recommendations For versions prior to 23.05.15, update to a version released after 23.05.15 to resolve the issue. As a temporary workaround, consider restricting access to the Rental Module until a patch is available. Avoid using user-controlled keys in the affected module to minimize the risk of exploitation.