2 matches found
CVE-2015-4368
CVE-2015-4368 affects the Drupal Commerce Ogone module (7.x-1.x) prior to 7.x-1.5. The vulnerability allows malicious users to bypass the payment step and complete the checkout without a payment being processed, via unspecified vectors described in the advisory and CVE records. The root cause is ...
SA-CONTRIB-2015-072 - Commerce Ogone - Access bypass
This module enables you to use Ogone Ingenico as a payment method for Drupal Commerce. Malicious users can trick Commerce Ogone into proceeding with the checkout process without actually going through the Ogone payment process, causing the order status to be set to checkout complete, even though ...