CVE-2026-4548 | mickasmt next-saas-stripe-starter 1.0.0 update-user-role.ts updateUserrole userId/role improper authorization

A vulnerability categorized as critical has been discovered in mickasmt next-saas-stripe-starter 1.0.0. Affected by this vulnerability is the function updateUserrole of the file actions/update-user-role.ts. The manipulation of the argument userId/role results in improper authorization.

This vulnerability is cataloged as CVE-2026-4548. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More