ГлавнаяУязвимости → CVE-2024-50654
7.5высокая

CVE-2024-50654

Описание

lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in high concurrency.

Затрагиваемое ПО
Pickmall Lilishop
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Источники
https://github.com/Yllxx03/CVE/blob/main/lilishop/CouponLogicVulnerability.mdhttps://github.com/Yllxx03/CVE/tree/main/CVE-2024-50654