Skip to main content

pretix-computop CVE-2026-13223

| EUVDEUVD-2026-39413 MEDIUM
Improper Enforcement of Behavioral Workflow (CWE-841)
2026-06-25 rami.io GHSA-5qw6-59g4-vvqw
6.3
CVSS 4.0 · Vendor: rami.io
Share

Severity by source

Vendor (rami.io) PRIMARY
6.3 MEDIUM
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
3.7 LOW

Network-reachable replay attack with no privileges needed, but AC:H because attacker must first obtain a valid payment response; integrity-only impact.

3.1 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
4.0 AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Primary rating from Vendor (rami.io).

CVSS VectorVendor: rami.io

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

2
Patch available
Jun 25, 2026 - 16:03 EUVD
Analysis Generated
Jun 25, 2026 - 15:18 vuln.today

DescriptionCVE.org

Our payment integration with Computop-based payment methods did not properly validate payment status responses. An attacker could use a successful payment status response from one payment and supply it to the system for a different payment, gaining access to multiple valid tickets with only one payment.

AnalysisAI

Payment response replay in the pretix-computop integration allows an unauthenticated network attacker to obtain multiple valid event tickets by paying only once. The Pretix Computop plugin fails to bind successful payment status responses to their originating transaction, so a response captured from a completed payment can be submitted against any other pending order. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Complete one legitimate Computop purchase
Delivery
Capture successful payment status response
Exploit
Identify additional target orders in the same Pretix instance
Execution
Submit captured response against each target order
Persist
System accepts replayed response as valid
Impact
Obtain multiple valid tickets for single payment

Vulnerability AssessmentAI

Exploitation Exploitation requires that the Pretix instance has at least one Computop-based payment method enabled and active in its configuration - instances that do not use Computop are not affected. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 score of 6.3 (Medium) reflects a realistic threat model: AV:N (reachable over the network), AC:H (high attack complexity), AT:P (specific prerequisite - attacker must first possess a valid successful payment response), PR:N (no account privileges required), and UI:N (no victim interaction). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker purchases a single event ticket through the Computop payment gateway, capturing the successful payment status response (e.g., via browser developer tools or traffic interception). The attacker then submits that same response payload against multiple additional pending orders, each of which the system incorrectly accepts as a new valid payment, issuing tickets for each. …
Remediation Upgrade the pretix-computop plugin to the patched release documented in the vendor advisory at https://pretix.eu/about/en/blog/20260625-release-2026-5-2/ - the URL slug indicates version 2026.5.2 released 2026-06-25, though the exact package version should be verified in the advisory. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-13223 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy