3 matches found
CVE-2022-0514 Business Logic Errors in crater-invoice/crater
Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5...
CVE-2022-0514
CVE-2022-0514 affects crater-invoice/crater prior to 6.0.5. The issue is a business logic flaw in Crater’s settings handling that lets an attacker alter the currency by tampering a parameter in the API request (e.g., /api/v1/company/settings with currency set to 1 and changing it to 2). The impac...
CVE-2022-0514 Business Logic Errors in crater-invoice/crater
Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5...