Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2015-09-17	CVE-2015-7231	Improper Input Validation vulnerability in Drupalcommerce Commerce Commonwealth The Commerce Commonwealth (CBA) module 7.x-1.x before 7.x-1.5 for Drupal does not properly validate payments, which allows remote attackers to make a failed payment appear valid via a crafted URL, related to a "response from commweb." network low complexity drupalcommerce CWE-20	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.