CVE-2025-10778 | Smartstore up to 6.2.0 Gift Voucher /checkout/confirm/ race condition

September 21, 2025 Yanac

A vulnerability marked as critical has been reported in Smartstore up to 6.2.0. The affected element is an unknown function of the file /checkout/confirm/ of the component Gift Voucher Handler. The manipulation leads to race condition.

This vulnerability is listed as CVE-2025-10778. The attack may be initiated remotely. There is no available exploit.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More