Macrozheng Mall-Swarm Improper Authorization Vulnerability in Cart Attribute Update Function

An authorization bypass vulnerability has been identified in Macrozheng Mall-Swarm versions through 1.0.3. The issue resides in the 'updateAttr' function of the '/cart/update/attr' file, where the application fails to properly validate user permissions. This flaw allows attackers to remotely manipulate cart attributes of other users by sending crafted POST requests with altered 'id' parameters. The vulnerability could lead to unauthorized modifications of shopping cart contents, disrupting normal user interactions and potentially causing financial implications.

Impact

Exploitation of this vulnerability allows for unauthorized access to modify the shopping cart attributes of other users, bypassing normal access controls and potentially leading to unauthorized purchases or changes in order details.

Reproduction

To reproduce this vulnerability, send a POST request to the '/cart/update/attr' endpoint. Include an 'id' parameter that corresponds to the cart attribute of another user. The request must also include an authorization token in the headers to simulate a logged-in user. Once the request is sent, the cart attributes of the specified user will be updated without their consent.