CVE-2020-11007
CVSS v3.1
6.5 (Medium)
CVSS v2.0
4 (Medium)
EPSS
0.05 % (20th)
Affected Products
1
Advisories
1
In Shopizer before version 2.11.0, using API or Controller based versions negative quantity is not adequately validated hence creating incorrect shopping cart and order total. This vulnerability makes it possible to create a negative total in the shopping cart. This has been patched in version 2.11.0.
Weaknesses
- CWE-20
- Improper Input Validation
- CVE Status
- PUBLISHED
- CNA
- GitHub, Inc.
- Published Date
-
2020-04-16 19:15:26
(4 years ago) - Updated Date
-
2020-04-29 14:13:03
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...