CVE-2026-4547

Summary

A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may be initiated remotely.

Affected Software

VendorProductVersion RangeStatus
mickasmtnext-saas-stripe-starter1.0.0affected

Weaknesses

  • CWE-840: Business Logic Errors

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References