SaasProject Booking Package Improper Input Validation Vulnerability Allowing ACL Bypass

Vulnerability

A vulnerability has been identified in the SaasProject Booking Package, specifically in versions through 1.6.27, that involves improper validation of input quantities. This flaw allows users to access functionalities that are not adequately restricted by Access Control Lists (ACLs).

Impact

Exploitation of this vulnerability could lead to unauthorized access to functions or features that should be restricted, potentially allowing users to manipulate booking details or access sensitive information.

Added: Jan 5, 2026, 5:27 PM

Updated: Jan 5, 2026, 5:27 PM

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

6.4

remediation

0.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

1.0

impact

0.6

exploitability

6.4

remediation

0.0

relevance

1.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SaasProject Booking Package Improper Input Validation Vulnerability Allowing ACL Bypass

Vulnerability

Impact

Affected Products

SaasProject Booking Package

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating