CVE-2024-39325
EUVD-2024-238002.07.2024, 21:15
aimeos/ai-controller-frontend is the Aimeos frontend controller. Prior to versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15, aimeos/ai-controller-frontend doesn't reset the payment status of a user's basket after the user completes a purchase. Versions 2024.04.2, 2023.10.9, 2022.10.8, 2021.10.8, and 2020.10.15 fix this issue.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| aimeos | aimeos_frontend_controller | 𝑥 < 2020.10.15 |
| aimeos | aimeos_frontend_controller | 2021.04.1 ≤ 𝑥 < 2021.10.8 |
| aimeos | aimeos_frontend_controller | 2022.04.1 ≤ 𝑥 < 2022.10.8 |
| aimeos | aimeos_frontend_controller | 2023.04.1 ≤ 𝑥 < 2023.10.9 |
| aimeos | aimeos_frontend_controller | 2024.04.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References