CVE-2021-26631

Summary

Improper input validation vulnerability in Mangboard commerce package could lead to occur for abnormal request. A remote attacker can exploit this vulnerability to manipulate the total order amount into a negative number and then pay for the order.

Affected Software

VendorProductVersion RangeStatus
Hometory Co.,LtdMangboard commerce packageunspecified <= 1.3.8affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References