PT-2024-28450 · Aimeos · Ai-Controller-Frontend
Ssshah2131
·
Published
2024-07-02
·
Updated
2024-10-15
·
CVE-2024-39325
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
aimeos/ai-controller-frontend versions prior to 2024.04.2
aimeos/ai-controller-frontend versions prior to 2023.10.9
aimeos/ai-controller-frontend versions prior to 2022.10.8
aimeos/ai-controller-frontend versions prior to 2021.10.8
aimeos/ai-controller-frontend versions prior to 2020.10.15
Description
The issue is related to the payment status of a user's basket not being reset after a purchase is completed. This could potentially allow for manipulation.
Recommendations
Update to version 2024.04.2 or later.
Update to version 2023.10.9 or later.
Update to version 2022.10.8 or later.
Update to version 2021.10.8 or later.
Update to version 2020.10.15 or later.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ai-Controller-Frontend