Lucene search
+L

5 matches found

Snyk
Snyk
added 2026/01/10 4:57 a.m.1 views

Authorization Bypass Through User-Controlled Key

Overview spreestorefront is a modern fully featured storefront and checkout for Spree Commerce Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key over the /addresses/addressId/edit endpoint, allowing the exposure of guest addresses. An attacker ca...

8.7CVSS6.6AI score0.00383EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2026/01/08 9:28 p.m.10 views

Spree API has Unauthenticated IDOR - Guest Address

Summary An Unauthenticated Insecure Direct Object Reference IDOR vulnerability was identified that allows an unauthenticated attacker to access guest address information without supplying valid credentials or session cookies. Details During testing, it was observed that all guest users can make a...

7.5CVSS6.9AI score0.00383EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2026/01/08 9:28 p.m.6 views

GHSA-3GHG-3787-W2XR Spree API has Unauthenticated IDOR - Guest Address

Summary An Unauthenticated Insecure Direct Object Reference IDOR vulnerability was identified that allows an unauthenticated attacker to access guest address information without supplying valid credentials or session cookies. Details During testing, it was observed that all guest users can make a...

7.5CVSS6.8AI score0.00383EPSS
Exploits1References8
RubySec
RubySec
added 2026/01/08 12:0 a.m.8 views

Spree API has Unauthenticated IDOR - Guest Address

Summary An Unauthenticated Insecure Direct Object Reference IDOR vulnerability was identified that allows an unauthenticated attacker to access guest address information without supplying valid credentials or session cookies. Details During testing, it was observed that all guest users can make a...

7.5CVSS6.7AI score0.00383EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-1427

Malware in sbrugna...

9.1CVSS9AI score0.01064EPSS
Exploits0References6
Rows per page
Query Builder