CVE-2023-47392 · Vexday

CVE-2023-47392

EPSS 0.5%CWE-200

An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.

Affected products

n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://gist.github.com/wwwziziyu/d0ae135b8075f6db735d75135254e7a1