An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's address via the addressedit endpoint.
Metrics
Affected Vendors & Products
References
History
Sat, 04 Jul 2026 23:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Fri, 09 May 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-04T23:30:43.477Z
Reserved: 2022-06-13T00:00:00.000Z
Link: CVE-2022-33077
Updated: 2024-08-03T08:01:19.722Z
Status : Modified
Published: 2022-10-19T02:15:08.903
Modified: 2026-06-17T04:48:26.367
Link: CVE-2022-33077
No data.
OpenCVE Enrichment
No data.