2 matches found
CVE-2022-33077
nopCommerce v4.50.2 contains an access control flaw in the addressedit endpoint that allows attackers to arbitrarily modify any customer’s address. Root cause identified as an access control issue. The documents do not specify a fixed version or patch details; no exploitation status is provided.
CVE-2022-33077
An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint...