The vulnerability is a broken access control issue in UnoPim where the mass-delete functionality for products does not properly check user permissions. The analysis of the provided patches, specifically commit c14eebe653aafd8dc713ca729165177e63315989, reveals the mitigation strategy and, by extension, the nature of the vulnerability.
The core of the vulnerability lies in the backend controller action that handles the POST /admin/catalog/products/mass-delete request. This function, inferred to be massDestroy in ProductController, was missing an authorization check. During exploitation it is the function that would appear in a runtime profile, since it directly processes the malicious request.
The patch introduces a specific Access Control List (ACL) permission, catalog.products.mass_delete, to govern this action. The commit also updates the UI-layer function Webkul\Admin\DataGrids\Catalog\ProductDataGrid::prepareMassActions to check for this new, more granular permission. Previously, this function checked for the general catalog.products.delete permission, which was incorrect and contributed to the vulnerability by exposing the mass-delete option to a wider set of users in the admin panel. Therefore, both the controller action that executes the deletion and the datagrid function that prepares the UI for it are identified as relevant to the vulnerability.
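The following PHP sketch is an added illustration of the control pattern described above; it is not UnoPim's code and not taken from the patch. It models the two shapes of the mass-delete handler (no authorization check versus a check for catalog.products.mass_delete) and a datagrid-style prepareMassActions that offers the action only to users holding that granular permission. The AdminUser class, the in-memory ProductRepository, the indices request shape and the exception type are constructed stand-ins; only the two permission keys and the route come from the analysis above.

```php
<?php
declare(strict_types=1);

// Added illustration; not UnoPim's code. The user object, repository and
// request shape are constructed stand-ins. Only the permission keys
// catalog.products.delete / catalog.products.mass_delete and the route
// come from the advisory text.

final class AuthorizationException extends RuntimeException {}

// Constructed stand-in for the authenticated admin and its ACL grants.
final class AdminUser
{
    public function __construct(
        public readonly string $name,
        private readonly array $permissions,
    ) {}

    public function hasPermission(string $key): bool
    {
        return in_array($key, $this->permissions, true);
    }
}

// Constructed in-memory stand-in for the product repository.
final class ProductRepository
{
    public function __construct(private array $products) {}

    public function delete(int $id): void
    {
        unset($this->products[$id]);
    }

    public function count(): int
    {
        return count($this->products);
    }
}

const GENERAL_DELETE_ACL = 'catalog.products.delete';      // single-product delete
const MASS_DELETE_ACL    = 'catalog.products.mass_delete'; // introduced by the patch

// Vulnerable shape: the handler for POST /admin/catalog/products/mass-delete
// never consults $user, so any authenticated admin can empty the catalogue.
function massDestroyUnchecked(AdminUser $user, ProductRepository $repo, array $indices): int
{
    foreach ($indices as $id) {
        $repo->delete((int) $id);
    }
    return count($indices);
}

// Hardened shape: the server-side handler enforces the granular permission
// itself. Hiding the button in the datagrid is not enforcement on its own,
// because the endpoint can be requested directly.
function massDestroyChecked(AdminUser $user, ProductRepository $repo, array $indices): int
{
    if (! $user->hasPermission(MASS_DELETE_ACL)) {
        throw new AuthorizationException("{$user->name} lacks " . MASS_DELETE_ACL);
    }
    foreach ($indices as $id) {
        $repo->delete((int) $id);
    }
    return count($indices);
}

// Datagrid side: offer the mass action only to users who may execute it.
// Before the patch the check used GENERAL_DELETE_ACL, which exposed the
// option to users holding only single-delete rights.
function prepareMassActions(AdminUser $user, string $requiredAcl = MASS_DELETE_ACL): array
{
    $actions = [];
    if ($user->hasPermission($requiredAcl)) {
        $actions[] = [
            'title'  => 'Delete',
            'method' => 'POST',
            'url'    => '/admin/catalog/products/mass-delete',
        ];
    }
    return $actions;
}

// Demonstration on constructed data.
$editor  = new AdminUser('editor', [GENERAL_DELETE_ACL]);
$manager = new AdminUser('manager', [GENERAL_DELETE_ACL, MASS_DELETE_ACL]);
$request = ['indices' => [1, 2, 3]]; // constructed shape of a mass-delete request body

printf("pre-patch datagrid offers mass delete to editor: %s\n",
    prepareMassActions($editor, GENERAL_DELETE_ACL) ? 'yes' : 'no');
printf("post-patch datagrid offers mass delete to editor: %s\n",
    prepareMassActions($editor) ? 'yes' : 'no');

$repo = new ProductRepository([1 => 'sku-a', 2 => 'sku-b', 3 => 'sku-c']);
massDestroyUnchecked($editor, $repo, $request['indices']);
printf("unchecked handler, editor: %d products left\n", $repo->count());

$repo = new ProductRepository([1 => 'sku-a', 2 => 'sku-b', 3 => 'sku-c']);
try {
    massDestroyChecked($editor, $repo, $request['indices']);
} catch (AuthorizationException $e) {
    printf("checked handler, editor: denied (%s), %d products left\n", $e->getMessage(), $repo->count());
}
massDestroyChecked($manager, $repo, $request['indices']);
printf("checked handler, manager: %d products left\n", $repo->count());
```

Run with `php` (8.1 or later, for readonly promoted properties). The editor, who holds only the general delete permission, is offered the mass action by the pre-patch datagrid check and can wipe the repository through the unchecked handler; with the granular permission enforced in both places the action is neither shown to nor executable by that user, while the manager still succeeds. The point for reviewers of similar code is that the datagrid change alone would only have hidden the control, and the controller check is the one that closes the hole.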
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| unopim/unopim | composer | <= 0.3.0 | 0.3.1 |