| Titel | mall <=1.0.3 Improper Control of Resource Identifiers |
|---|
| Beschreibung | The mall application contains an authorization bypass vulnerability, which allows an attacker to cancel orders using another user’s order ID. |
|---|
| Quelle | ⚠️ https://github.com/Hwwg/cve/issues/13 |
|---|
| Benutzer | huangweigang (UID 88993) |
|---|
| Einreichung | 31.10.2025 08:33 (vor 5 Monaten) |
|---|
| Moderieren | 15.11.2025 07:19 (15 days later) |
|---|
| Status | Duplikat |
|---|
| VulDB Eintrag | 332321 [macrozheng mall-swarm/mall bis 1.0.3 /order/cancelUserOrder orderId erweiterte Rechte] |
|---|
| Punkte | 0 |
|---|