VYPR

Packagist (Composer) package

aimeos/ai-controller-frontend

pkg:composer/aimeos/ai-controller-frontend

Vulnerabilities (2)

  • CVE-2024-39319Sep 26, 2024
    affected >= 2024.04.1, < 2024.04.2fixed 2024.04.2

    aimeos/ai-controller-frontend is the Aimeos frontend controller package for e-commerce projects. Prior to versions 2024.4.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, an insecure direct object reference allows an attacker to disable subscriptions and reviews of another cus

  • CVE-2024-39325Jul 2, 2024
    affected >= 2023.04.1, < 2023.10.9fixed 2023.10.9

    aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment status of a user's basket after the user completes a purchase. Versions 2024.04.