CVE-2024-50653 Information

Description

CRMEB <=5.4.0 is vulnerable to Incorrect Access Control. Users can bypass the front-end restriction of only being able to claim coupons once by capturing packets and sending a large number of data packets for coupon collection achieving unlimited coupon collection.

Reference

https://github.com/crmeb https://github.com/Yllxx03/CVE/tree/main/CVE-2024-50653