Macrozheng Mall-Swarm Improper Authorization Vulnerability in Order Cancellation Function
Vulnerability
An authorization bypass vulnerability has been identified in Macrozheng Mall-Swarm versions through 1.0.3. The issue resides in the 'cancelUserOrder' function exposed at the '/order/cancelUserOrder' endpoint. A remote attacker can manipulate the 'orderId' parameter to cancel orders that are not their own. The flaw arises because the application never verifies that the order referenced by 'orderId' belongs to the authenticated user making the request.
Impact
Exploitation of this vulnerability allows attackers to cancel orders on behalf of other users by manipulating the 'orderId' parameter, resulting in unauthorized order cancellations and disrupted access control.
Reproduction
To reproduce this vulnerability, send a POST request to the '/order/cancelUserOrder' endpoint with an 'orderId' that belongs to another user. The application does not properly validate user permissions before canceling the order, allowing the request to succeed.
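The missing check described above is a missing ownership test between the authenticated caller and the object referenced by 'orderId'. The following is an added illustration, not code from mall-swarm: the Order type, the in-memory order store, the memberId field and the method names around the check are assumptions made for this example. It places the vulnerable shape of the cancellation logic beside a hardened one in which the ownership test is part of the lookup, so a foreign 'orderId' produces the same "not found" outcome as a nonexistent one.

```java
import java.util.HashMap;
import java.util.Map;

/**
 * Illustrative pattern only; not code from mall-swarm. The Order type, the
 * in-memory store and the memberId field are assumptions made for this example.
 */
public class OrderCancellationCheck {

    static final class Order {
        final long orderId;
        final long memberId;      // the member who placed the order
        boolean cancelled;

        Order(long orderId, long memberId) {
            this.orderId = orderId;
            this.memberId = memberId;
        }
    }

    // Constructed sample data: one order each for member 1 and member 2.
    private final Map<Long, Order> orders = new HashMap<>();
    private int deniedAttempts = 0;   // counter a detection pipeline could export

    OrderCancellationCheck() {
        orders.put(1001L, new Order(1001L, 1L));
        orders.put(1002L, new Order(1002L, 2L));
    }

    /** Vulnerable shape: the order is resolved from the client-supplied orderId
     *  alone. The caller's identity is available but never compared against
     *  the owner of the order. */
    boolean cancelWithoutOwnershipCheck(long requestingMemberId, long orderId) {
        Order order = orders.get(orderId);
        if (order == null) {
            return false;
        }
        order.cancelled = true;       // succeeds for any member's order
        return true;
    }

    /** Hardened shape: requestingMemberId must be taken from the authenticated
     *  session, never from the request body. Ownership is part of the lookup,
     *  so another member's orderId is handled exactly like a missing one. */
    boolean cancelUserOrder(long requestingMemberId, long orderId) {
        Order order = orders.get(orderId);
        if (order == null || order.memberId != requestingMemberId) {
            deniedAttempts++;         // a spike for one account is worth alerting on
            return false;
        }
        order.cancelled = true;
        return true;
    }

    boolean isCancelled(long orderId) {
        Order order = orders.get(orderId);
        return order != null && order.cancelled;
    }

    int getDeniedAttempts() {
        return deniedAttempts;
    }

    public static void main(String[] args) {
        // Member 1 submits member 2's orderId (1002) to each variant.
        OrderCancellationCheck vulnerable = new OrderCancellationCheck();
        System.out.println("no check, foreign order cancelled: "
                + vulnerable.cancelWithoutOwnershipCheck(1L, 1002L));

        OrderCancellationCheck fixed = new OrderCancellationCheck();
        System.out.println("with check, foreign order cancelled: "
                + fixed.cancelUserOrder(1L, 1002L));
        System.out.println("with check, own order cancelled: "
                + fixed.cancelUserOrder(1L, 1001L));
        System.out.println("denied attempts recorded: " + fixed.getDeniedAttempts());
    }
}
```

Two design points carry over to a real service: the member identity used in the comparison must come from the server-side session or token, not from any request parameter, and the denial path should be indistinguishable from the not-found path so the endpoint does not confirm which 'orderId' values exist. Counting or logging denials per account gives operations a simple signal for attempts to cancel orders that do not belong to the caller.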
