GHSA-c5gj-w4hx-gvmx
GitHub Security Advisory
Business Logic Errors in microweber
✓ GitHub Reviewed
LOW
Has CVE
Advisory Details
Microweber prior to 1.2.11 can suffer from insecure direct object reference(s). A malicious actor can remove items from a victim's cart.
Affected Packages
Packagist
microweber/microweber
Affected versions:
0
(fixed in 1.2.11)
Related CVEs
Key Information
2.5
/10
Dataset
Last updated: July 3, 2025 6:26 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.