Security Advisory

CVE-2022-30628

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-07-21 15:37:28

Last updated 2024-09-16 22:02:59

Assigner INCD

State PUBLISHED

Description

It was possible to download all receipts without authentication. Must first access the API https://XXXX.supersmart.me/services/v4/customer/signin to get a TOKEN. Then you can then access the API that provides invoice images based on the URL https://XXXX.supersmart.me/services/v4/invoiceImg?orderId=XXXXX

← Browse all CVEs View on cve.org ↗