An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.
References
Link | Resource |
---|---|
https://gist.github.com/wwwziziyu/d0ae135b8075f6db735d75135254e7a1 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-11-22T00:00:00
Updated: 2023-11-22T06:52:30.589715
Reserved: 2023-11-06T00:00:00
Link: CVE-2023-47392
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-11-22T07:15:07.587
Modified: 2023-11-29T18:03:15.443
Link: CVE-2023-47392
JSON object: View
Redhat Information
No data.
CWE