[ https://issues.apache.org/jira/browse/OFBIZ-11836?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jacques Le Roux updated OFBIZ-11836: ------------------------------------ Summary: IDOR vulnerability in the order processing feature in ecommerce component (was: IDOR vulnerability in the order processing feature) > IDOR vulnerability in the order processing feature in ecommerce component > ------------------------------------------------------------------------- > > Key: OFBIZ-11836 > URL: https://issues.apache.org/jira/browse/OFBIZ-11836 > Project: OFBiz > Issue Type: Sub-task > Components: ecommerce, order > Affects Versions: Trunk > Reporter: Jacques Le Roux > Assignee: Jacques Le Roux > Priority: Major > > Harshit Shukla [mailto:harshit.sh...@gmail.com]reported this IDOR > vulnerability to the OFBiz security team, and we thank him for that. > I'll later quote here his email message when the vulnerability will be fixed. > It's a post-auth vulnerability so we did not ask for a CVE. -- This message was sent by Atlassian Jira (v8.3.4#803005)