Filtered by vendor Mickasmt
Subscriptions
Filtered by product Next-saas-stripe-starter
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-4548 | 1 Mickasmt | 1 Next-saas-stripe-starter | 2026-03-23 | 6.3 Medium |
| A vulnerability was detected in mickasmt next-saas-stripe-starter 1.0.0. Affected by this vulnerability is the function updateUserrole of the file actions/update-user-role.ts. The manipulation of the argument userId/role results in improper authorization. The attack may be launched remotely. | ||||
| CVE-2026-4547 | 1 Mickasmt | 1 Next-saas-stripe-starter | 2026-03-23 | 4.3 Medium |
| A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may be initiated remotely. | ||||
| CVE-2026-4549 | 1 Mickasmt | 1 Next-saas-stripe-starter | 2026-03-23 | 3.1 Low |
| A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. Affected by this issue is the function openCustomerPortal of the file actions/open-customer-portal.ts of the component Stripe API. This manipulation causes authorization bypass. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitation is known to be difficult. | ||||
Page 1 of 1.