ГлавнаяУязвимости → CVE-2024-50945
7.5высокая

CVE-2024-50945

Описание

An improper access control vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f, allowing users to submit reviews without verifying if they have purchased the product.

CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Источники
https://github.com/AbdullahAlmutawa/CVE-2024-50945https://github.com/simplcommerce/SimplCommercehttps://www.simplcommerce.com/