CVE-2023-36643 Information

Description

Incorrect Access Control in ITB-GmbH TradePro v9.5 allows remote attackers to receive all orders from the online shop via oordershow component in customer function.

Reference

https://github.com/caffeinated-labs/CVE-2023-36643