SimplCommerce is affected by a Broken Access Control vulnerability in the review system, allowing unauthorized users to post reviews for products they have not purchased.
An attacker can detect this vulnerability by sending a request to the review submission endpoint and changing the EntityId to the ID of a product they have not purchased. If the review is successfully posted, it confirms the website is vulnerable to Broken Access Control vulnerability.
230310c8d7a0408569b292c5a805c459d47a1d8f commit
https://www.simplcommerce.com/
https://github.com/simplcommerce/SimplCommerce
simplcommerce/SimplCommerce#1112
- October 2, 2024: Vulnerability discovered and reported to SimplCommerce.
- October 8, 2024: Follow-up email sent to the vendor.
- October 11, 2024: CVE ID request submitted to MITRE.
- October 15, 2024: Vendor replied to the initial report.
- November 14, 2024: CVE ID assigned by MITRE.
- December 21, 2024: Affected versions patched by the vendor.
- December 24, 2024: Public disclosure of the vulnerability.
Abdullah Almutawa