CVE-2025-52920 | Innoshop up to 0.4.1 _ORDER_ID_ shipping_address_id/billing_address_id direct request

A vulnerability, which was classified as problematic, was found in Innoshop up to 0.4.1. This affects an unknown part of the file /en/account/orders/_ORDER_ID_. The manipulation of the argument shipping_address_id/billing_address_id leads to direct request.

This vulnerability is uniquely identified as CVE-2025-52920. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More