Macrozheng Mall Authorization Bypass Vulnerability in Order Cancellation Function
Vulnerability
An authorization bypass vulnerability (an insecure direct object reference) has been identified in Macrozheng Mall versions through 1.0.3. The issue resides in the order cancellation function, specifically the '/order/cancelUserOrder' endpoint. The endpoint accepts an 'orderId' parameter but does not verify that the referenced order belongs to the authenticated user, so any authenticated user can cancel another user's order simply by supplying that order's identifier. The missing ownership check can lead to unauthorized order cancellations and disrupt normal business operations.
Impact
Exploitation of this vulnerability allows for unauthorized cancellation of orders belonging to other users, potentially leading to a disruption of business operations.
Reproduction
To reproduce this vulnerability, an authenticated user sends a request to the '/order/cancelUserOrder' endpoint with an 'orderId' value that identifies an order owned by a different user. Because the handler performs no ownership check on 'orderId', the request is processed and the other user's order is cancelled.
Remediation
It is recommended to implement ownership validation in the 'cancelOrder' method: resolve the current member from the authenticated session (never from a request parameter), and only cancel an order whose owner matches that member. The cleanest way is to look the order up by both the order ID and the member ID, so an order that belongs to someone else is treated the same as a non-existent order. Any other endpoint that accepts a caller-supplied 'orderId' should be reviewed for the same check.
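The following is an added illustrative example, not Macrozheng Mall's own code, showing the cancel flow once without and once with the ownership check described above. All class and method names here (Order, OrderRepository, cancelOrderVulnerable, cancelOrderSecure) are assumptions; the in-memory repository stands in for the real database lookup, where the equivalent is adding the owner to the query (WHERE id = ? AND member_id = ?).

```java
import java.util.HashMap;
import java.util.Map;
import java.util.Optional;

// Illustrative example, not Macrozheng Mall code. Names and the in-memory
// repository are assumptions made for the demonstration.
public class OrderCancelOwnershipExample {

    static final int STATUS_PENDING = 0;
    static final int STATUS_CANCELLED = 4;

    static class Order {
        final long id;
        final long memberId;
        int status;

        Order(long id, long memberId, int status) {
            this.id = id;
            this.memberId = memberId;
            this.status = status;
        }
    }

    static class OrderRepository {
        private final Map<Long, Order> table = new HashMap<>();

        void save(Order order) {
            table.put(order.id, order);
        }

        Optional<Order> findById(long id) {
            return Optional.ofNullable(table.get(id));
        }

        // Ownership is part of the lookup itself: an order that exists but belongs
        // to another member yields no row, exactly like a non-existent order.
        Optional<Order> findByIdAndMemberId(long id, long memberId) {
            return findById(id).filter(o -> o.memberId == memberId);
        }
    }

    // Vulnerable shape: trusts the caller-supplied orderId. Any authenticated
    // member can cancel any pending order in the system.
    static boolean cancelOrderVulnerable(OrderRepository repo, long orderId) {
        Optional<Order> found = repo.findById(orderId);
        if (!found.isPresent() || found.get().status != STATUS_PENDING) {
            return false;
        }
        found.get().status = STATUS_CANCELLED;
        return true;
    }

    // Hardened shape: currentMemberId comes from the authenticated session, never
    // from the request, and the order must belong to that member.
    static boolean cancelOrderSecure(OrderRepository repo, long currentMemberId, long orderId) {
        Optional<Order> found = repo.findByIdAndMemberId(orderId, currentMemberId);
        // "Not yours" and "does not exist" get the same answer, so the endpoint
        // cannot be used to probe which order IDs exist.
        if (!found.isPresent() || found.get().status != STATUS_PENDING) {
            return false;
        }
        found.get().status = STATUS_CANCELLED;
        return true;
    }

    public static void main(String[] args) {
        // Constructed sample data: member 7 owns order 1001, member 8 owns order 1002.
        OrderRepository repo = new OrderRepository();
        repo.save(new Order(1001L, 7L, STATUS_PENDING));
        repo.save(new Order(1002L, 8L, STATUS_PENDING));

        long sessionMemberId = 7L; // the authenticated caller

        System.out.println("vulnerable: member 7 cancels order 1002 -> "
                + cancelOrderVulnerable(repo, 1002L));

        repo.save(new Order(1002L, 8L, STATUS_PENDING)); // restore for the second run

        System.out.println("secure: member 7 cancels order 1002 -> "
                + cancelOrderSecure(repo, sessionMemberId, 1002L));
        System.out.println("secure: member 7 cancels own order 1001 -> "
                + cancelOrderSecure(repo, sessionMemberId, 1001L));
    }
}
```

Running main walks through the three cases: the vulnerable path lets member 7 cancel member 8's order, while the hardened path refuses the foreign order and still cancels member 7's own. Putting the member ID into the lookup rather than checking it afterwards keeps the ownership rule next to the data access, where later refactors of the controller cannot silently drop it.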
