TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| tastyigniter/tastyigniter(Packagist) | 0 | 4.0.0 | N/A |
CVSS Metrics
