0.001 Low
EPSS
Percentile
21.4%
Microweber prior to 1.2.11 can suffer from insecure direct object reference(s). A malicious actor can remove items from a victim’s cart.
github.com/microweber/microweber
github.com/microweber/microweber/commit/a41f0fddaf08ff12b2b82506b1ca9490c93ab605
huntr.dev/bounties/051ec6d4-0b0a-41bf-9ded-27813037c9c9
nvd.nist.gov/vuln/detail/CVE-2022-0688