Skip to content

Negative charge in shopping cart in Shopizer

Critical severity GitHub Reviewed Published Apr 16, 2020 in shopizer-ecommerce/shopizer • Updated Jan 9, 2023

Package

maven com.shopizer:sm-core-model (Maven)

Affected versions

< 2.11.0

Patched versions

2.11.0

Description

Impact

Using API or Controller based versions negative quantity is not adequately validated hence creating incorrect shopping cart and order total.

Patches

Adding a back-end verification to check that quantity parameter isn't negative. If so, it is set to 1. Patched in 2.11.0

Workarounds

Without uprading, it's possible to just apply the fixes in the same files it's done for the patch. Or you use javax constraint validation on the quantity parameter.

References

Input Validation
Using bean validation constraint
Commits with fixes
CVE Details below :
Mitre
NVD

Credits

Found and solved by Yannick Gosset from Aix-Marseille University cybersecurity
master program supervised by Yassine Ilmi

References

@shopizer-ecommerce shopizer-ecommerce published to shopizer-ecommerce/shopizer Apr 16, 2020
Reviewed Apr 16, 2020
Published to the GitHub Advisory Database Apr 22, 2020
Last updated Jan 9, 2023

Severity

Critical

Weaknesses

CVE ID

CVE-2020-11007

GHSA ID

GHSA-w8rc-pgxq-x2cj

Source code

No known source code
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.