MEDIUM
ShopXO
CVE published 2026-06-15
CVE-2026-12204
CVE-2026-12204 is a MEDIUM severity vulnerability in ShopXO up to 6.7.1. A vulnerability was determined in ShopXO up to 6.7.1. This vulnerability affects the function OrderClose/OrderSuccess/PayLogOrderClose/GoodsGiveIntegral of the file app/api/controller/Crontab.php of the component Scheduled Task Endpoint. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. T [truncated]