ADVISORIES
- CVE-2008-7310 (NVD)
- GHSA-7h48-m3rw-vr27
- OSVDB-81505
- Vendor Advisory
GEM
SEVERITY
CVSS v2.0: 5.0 (Medium)
PATCHED VERSIONS
- >= 0.3.0
DESCRIPTION
Spree contains a hash restriction weakness that occurs when parsing a modified URL. This may allow an attacker to manipulate order state values.