0.001 Low
EPSS
Percentile
21.6%
Microweber prior to version 1.2.11 can have a negative product amount. This could allow an attacker to manipulate the total value and get products for free.
github.com/microweber/microweber
github.com/microweber/microweber/commit/91a9d899741557c75050614ff7adb8c0e3feb005
huntr.dev/bounties/f68b994e-2b8b-49f5-af2a-8cd99e8048a5
nvd.nist.gov/vuln/detail/CVE-2022-0596