CVE-2012-4482

Medium CVSS 5.0

Overview

The Ubercart SecureTrading Payment Method module 6.x for Drupal does not properly verify payment notification information, which allows remote attackers to purchase an item without paying via unspecified vectors.

CWE: CWE-20 Published: 2012-10-31T16:55:02.530

Risk analysis

This vulnerability is rated 🟡 MEDIUM.

CVSS: 5.0 (MEDIUM)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags