CVE-2026-4547

Published: Mar 22, 2026 Last Modified: Mar 22, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM 4,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: low
Availability: none
MEDIUM 4,0
Source: [email protected]
Access Vector: network
Access Complexity: low
Authentication: single
Confidentiality: none
Integrity: partial
Availability: none

Description

AI Translation Available

A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may be initiated remotely.

https://vuldb.com/?ctiid.352374
https://vuldb.com/?ctiid.352374
https://vuldb.com/?id.352374
https://vuldb.com/?id.352374
https://vuldb.com/?submit.774804
https://vuldb.com/?submit.774804