Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4cmMtcGd4cS14MmNq
Negative charge in shopping cart in Shopizer
Impact
Whether the cart is manipulated through the API or the Controller-based endpoints, a negative quantity is not adequately validated, which produces an incorrect shopping cart and order total.
Patches
A back-end verification was added to check that the quantity parameter isn't negative; if it is, the quantity is set to 1. Patched in 2.11.0.
Workarounds
Without upgrading, it's possible to apply the same fixes to the same files as the patch does. Alternatively, use javax constraint validation on the quantity parameter.
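The two fixes described above, shown side by side as an added example (not Shopizer's own code): an explicit server-side check that resets a negative quantity to 1, and a javax bean-validation constraint on the quantity parameter. The request class, method names and the presence of a Bean Validation provider (such as Hibernate Validator) on the classpath are assumptions.

```java
import java.util.Set;
import javax.validation.ConstraintViolation;
import javax.validation.Validation;
import javax.validation.Validator;
import javax.validation.constraints.Min;

public class CartQuantityCheck {

    // Hypothetical request object standing in for the cart item parameter.
    // @Min(1) is the bean-validation route from the workaround; it is stricter
    // than the patch's check because it also rejects a quantity of 0.
    public static class AddToCartRequest {
        @Min(value = 1, message = "quantity must be at least 1")
        private final int quantity;

        public AddToCartRequest(int quantity) { this.quantity = quantity; }
        public int getQuantity() { return quantity; }
    }

    // Explicit server-side check matching the patch description:
    // a negative quantity is replaced by 1 instead of being trusted.
    public static int sanitizeQuantity(int requested) {
        return requested < 0 ? 1 : requested;
    }

    // The line total that a negative quantity would otherwise drive below zero.
    public static long lineTotalCents(long unitPriceCents, int quantity) {
        return unitPriceCents * quantity;
    }

    // Bean-validation route: true only when no constraint is violated.
    public static boolean isValid(Validator validator, AddToCartRequest req) {
        Set<ConstraintViolation<AddToCartRequest>> violations = validator.validate(req);
        return violations.isEmpty();
    }

    public static void main(String[] args) {
        Validator validator = Validation.buildDefaultValidatorFactory().getValidator();
        AddToCartRequest hostile = new AddToCartRequest(-3); // constructed sample input

        // Bean validation rejects the request before it reaches any cart logic.
        System.out.println("bean validation passes: " + isValid(validator, hostile));

        // Explicit check coerces the quantity to 1, so the total stays positive.
        int safeQty = sanitizeQuantity(hostile.getQuantity());
        System.out.println("unchecked total: " + lineTotalCents(1999, hostile.getQuantity()));
        System.out.println("checked total:   " + lineTotalCents(1999, safeQty));
    }
}
```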
References
- Input Validation
- Using bean validation constraint
- Commits with fixes
CVE Details below:
Mitre
NVD
Credits
Found and solved by Yannick Gosset from the Aix-Marseille University cybersecurity master program, supervised by Yassine Ilmi.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXc4cmMtcGd4cS14MmNq
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 5 years ago
Updated: about 2 years ago
CVSS Score: 6.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
EPSS Percentage: 0.0005
EPSS Percentile: 0.21514
Identifiers: GHSA-w8rc-pgxq-x2cj, CVE-2020-11007
References:
- https://github.com/shopizer-ecommerce/shopizer/security/advisories/GHSA-w8rc-pgxq-x2cj
- https://github.com/shopizer-ecommerce/shopizer/commit/929ca0839a80c6f4dad087e0259089908787ad2a
- https://nvd.nist.gov/vuln/detail/CVE-2020-11007
- https://github.com/advisories/GHSA-w8rc-pgxq-x2cj
Blast Radius: 14.9
Affected Packages
maven:com.shopizer:sm-core-model
Dependent packages: 6
Dependent repositories: 196
Downloads:
Affected Version Ranges: < 2.11.0
Fixed in: 2.11.0
All affected versions: 2.0.2, 2.0.3, 2.2.0, 2.2.1, 2.4.0, 2.5.0, 2.6.0, 2.7.0, 2.8.0, 2.9.0, 2.10.0
All unaffected versions: 2.11.0, 2.12.0, 2.16.0, 3.2.3