CVE-2012-4482

2012-10-3116:00:00

redhat

www.cve.org

ubercart

securetrading

drupal

payment verification

remote attackers

item purchase.

AI Score

6.7

Confidence

Low

EPSS

0.004

Percentile

72.4%

JSON

The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspecified vectors.

References

drupal.org/node/1679820

www.openwall.com/lists/oss-security/2012/10/04/6

www.openwall.com/lists/oss-security/2012/10/07/1