CVE-2024-50651

Name of the Vulnerable Software and Affected Versions: java shop version 1.0

Description: The issue allows attackers to obtain sensitive information of users with different IDs by modifying the ID parameter. This is due to an Incorrect Access Control flaw.

Recommendations: For java shop version 1.0, as a temporary workaround, consider restricting access to the ID parameter to minimize the risk of exploitation. Avoid using the ID parameter in affected API endpoints until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.