Overview
- Description
- aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment status of a user's basket after the user completes a purchase. Versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15 fix this issue.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.3
- Impact score
- 1.4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
- security-advisories@github.com
- CWE-841
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:aimeos:aimeos_frontend_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "05061318-1635-43D5-A3AC-D50C5DBF09B5",
"versionEndExcluding": "2020.10.15"
},
{
"criteria": "cpe:2.3:a:aimeos:aimeos_frontend_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E56BF038-B298-4A8C-9A06-188F422058A0",
"versionEndExcluding": "2021.10.8",
"versionStartIncluding": "2021.04.1"
},
{
"criteria": "cpe:2.3:a:aimeos:aimeos_frontend_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "85A13E16-25D0-4845-88B6-4C19AF1AC33D",
"versionEndExcluding": "2022.10.8",
"versionStartIncluding": "2022.04.1"
},
{
"criteria": "cpe:2.3:a:aimeos:aimeos_frontend_controller:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F2D983DE-A57B-46AD-911E-44253A9A0373",
"versionEndExcluding": "2023.10.9",
"versionStartIncluding": "2023.04.1"
},
{
"criteria": "cpe:2.3:a:aimeos:aimeos_frontend_controller:2024.04.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9707F760-DC26-4879-8BB0-EA49A1E415B1"
}
],
"operator": "OR"
}
]
}
]