2022-10-19 00:00:00
mitre
PUBLISHED
An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customers address via the addressedit endpoint.