CVE-2026-22589
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Summary
Spree is an open source e-commerce solution built with Ruby on Rails. Prior to versions 4.10.2, 5.0.7, 5.1.9, and 5.2.5, an Unauthenticated Insecure Direct Object Reference (IDOR) vulnerability was identified that allows an unauthenticated attacker to access guest address information without supplying valid credentials or session cookies. This issue has been patched in versions 4.10.2, 5.0.7, 5.1.9, and 5.2.5.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| spree | spree | >= 5.2.0, < 5.2.5 | affected |
| spree | spree | >= 5.1.0, < 5.1.9 | affected |
| spree | spree | >= 5.0.0, < 5.0.7 | affected |
| spree | spree | < 4.10.2 | affected |
Weaknesses
- CWE-639: CWE-639: Authorization Bypass Through User-Controlled Key
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
Additional References
References
- https://github.com/spree/spree/security/advisories/GHSA-3ghg-3787-w2xr
- https://github.com/spree/spree/commit/16067def6de8e0742d55313e83b0fbab6d2fd795
- https://github.com/spree/spree/commit/4c2bd62326fba0d846fd9e4bad2c62433829b3ad
- https://github.com/spree/spree/commit/d051925778f24436b62fa8e4a6b842c72ca80a67
- https://github.com/spree/spree/commit/e1cff4605eb15472904602aebaf8f2d04852d6ad
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.