| Título | mall <=1.0.3 Improper Control of Resource Identifiers |
|---|
| Descripción | The mall application contains an authorization bypass vulnerability, which allows an attacker to manipulate order payments using another user’s order ID. |
|---|
| Fuente | ⚠️ https://github.com/Hwwg/cve/issues/14 |
|---|
| Usuario | huangweigang (UID 88993) |
|---|
| Sumisión | 2025-10-31 08:34 (hace 5 meses) |
|---|
| Moderación | 2025-11-15 07:19 (15 days later) |
|---|
| Estado | Duplicado |
|---|
| Entrada de VulDB | 332323 [macrozheng mall-swarm/mall hasta 1.0.3 /order/paySuccess orderID escalada de privilegios] |
|---|
| Puntos | 0 |
|---|