Metrics
Affected Vendors & Products
Mon, 22 Sep 2025 16:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Metrics | ssvc 
 | 
Mon, 22 Sep 2025 10:15:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| First Time appeared | Smartstore Smartstore smartstore | |
| Vendors & Products | Smartstore Smartstore smartstore | 
Mon, 22 Sep 2025 03:00:00 +0000
| Type | Values Removed | Values Added | 
|---|---|---|
| Description | A vulnerability has been found in Smartstore up to 6.2.0. The affected element is an unknown function of the file /checkout/confirm/ of the component Gift Voucher Handler. The manipulation leads to race condition. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way. | |
| Title | Smartstore Gift Voucher confirm race condition | |
| Weaknesses | CWE-362 | |
| References |  | |
| Metrics | cvssV2_0 
 
 
 
 | 
 MITRE
                        MITRE
                    Status: PUBLISHED
Assigner: VulDB
Published: 2025-09-22T02:32:05.702Z
Updated: 2025-09-22T15:55:06.599Z
Reserved: 2025-09-21T08:48:35.573Z
Link: CVE-2025-10778
 Vulnrichment
                        Vulnrichment
                    Updated: 2025-09-22T15:55:03.333Z
 NVD
                        NVD
                    Status : Awaiting Analysis
Published: 2025-09-22T03:15:56.937
Modified: 2025-09-22T21:23:01.543
Link: CVE-2025-10778
 Redhat
                        Redhat
                    No data.
 ReportizFlow
ReportizFlow