VYPR
Moderate severityNVD Advisory· Published Jul 2, 2024· Updated Aug 2, 2024

aimeos/ai-controller-frontend doesn't reset payment status in basket

CVE-2024-39325

Description

aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment status of a user's basket after the user completes a purchase. Versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15 fix this issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
aimeos/ai-controller-frontendPackagist
>= 2023.04.1, < 2023.10.92023.10.9
aimeos/ai-controller-frontendPackagist
>= 2022.04.1, < 2022.10.82022.10.8
aimeos/ai-controller-frontendPackagist
>= 2021.04.1, < 2021.10.82021.10.8
aimeos/ai-controller-frontendPackagist
< 2020.10.152020.10.15

Affected products

2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.