CVE-2024-44313 Information
Mar 20, 2025
cve
Description
TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.
Reference
https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php https://medium.com/@cnetsec/cve-2024-44313-incorrect-access-control-in-tastyigniter-3-7-6-01a73c548b74
Share on: