Loading market data...
← Back to CVE feed

CVE-2026-13222

UNKNOWN View on NVD ↗

Description

Our payment integration with Oppwa-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment.

Published: Jun 25, 2026 15:16 UTC Modified: Jun 25, 2026 16:16 UTC