7 matches found
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. It allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with a...
Improper Input Validation
Overview solidusfrontend is a cart and storefront for the Solidus e-commerce project. Affected versions of this package are vulnerable to Improper Input Validation. It allows a malicious customer to craft request data with parameters that allow changing the address of the current order without...
Design/Logic Flaw
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the...
CVE-2020-15109 Ability to change order address without triggering address validations in solidus
In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the...
GHSA-3MVG-RRRW-M7PH Ability to change order address without triggering address validations in solidus
Impact This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zo...
Ability to change order address without triggering address validations in solidus
Impact This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zo...
Ability to change order address without triggering address validations in solidus
Impact This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zo...