CVE-2024-44313

Publication date

2025-03-18 00:00:00

Family

mitre

State

PUBLISHED

Description

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.