CVE-2024-44313 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and…
High CVSS: 8.1

CVE-2024-44313

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.
Vendor
Tastyigniter
Product
Tastyigniter
CWE
CWE-284
Yayın Tarihi
2025-03-18 15:15:53
Güncelleme
2025-04-02 12:30:11
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-284 Tastyigniter HIGH Tastyigniter 2025

Referanslar

https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php https://medium.com/@cnetsec/cve-2024-44313-incorrect-access-control-in-tastyigniter-3-7-6-01a73c548b74