GHSA-x48c-p6xp-x2xgMedium
Our payment integration with Oppwa-based payment methods did not properly validate payment...
🔗 CVE IDs covered (1)
📋 Description
Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment.