CVE-2012-4482

2022-10-0316:15:32

redhat

www.cve.org

ubercart

securetrading

drupal

payment verification

remote attackers

item purchase.

6.7 Medium

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

60.6%

JSON

The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspecified vectors.

References

drupal.org/node/1679820

www.openwall.com/lists/oss-security/2012/10/04/6

www.openwall.com/lists/oss-security/2012/10/07/1