4 matches found
EUVD-2020-0585
Malware in sbrugna...
CVE-2020-15109
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the...
CVE-2020-15109 Ability to change order address without triggering address validations in solidus
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the...
GHSA-3MVG-RRRW-M7PH Ability to change order address without triggering address validations in solidus
Impact This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zo...