Skip to main content

Next Saas Stripe Starter CVE-2026-4547

| EUVDEUVD-2026-14304 MEDIUM
Business Logic Errors (CWE-840)
2026-03-22 VulDB GHSA-chcq-j338-6wqm
5.3
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.3 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
CVSS changed
Apr 24, 2026 - 16:37 NVD
4.3 (MEDIUM) 5.3 (MEDIUM)
EUVD ID Assigned
Mar 22, 2026 - 13:30 euvd
EUVD-2026-14304
Analysis Generated
Mar 22, 2026 - 13:30 vuln.today
CVE Published
Mar 22, 2026 - 13:02 nvd
MEDIUM 4.3

DescriptionCVE.org

A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkout Handler. The manipulation of the argument priceId leads to business logic errors. The attack may be initiated remotely.

AnalysisAI

A business logic vulnerability exists in mickasmt next-saas-stripe-starter version 1.0.0 within the generateUserStripe function of the Checkout Handler component, where manipulation of the priceId parameter can lead to unauthorized modification of transaction data. An authenticated remote attacker can exploit this vulnerability to alter billing information or trigger unintended payment processing logic, potentially causing financial discrepancies or service abuse. With a CVSS score of 4.3 and low attack complexity, this vulnerability represents a moderate risk requiring prompt attention despite the low impact rating.

Technical ContextAI

This vulnerability exists in the next-saas-stripe-starter project (CPE: cpe:2.3:a:mickasmt:next-saas-stripe-starter), a TypeScript/Next.js SaaS boilerplate that integrates Stripe payment processing. The vulnerable function generateUserStripe in actions/generate-user-stripe.ts handles Checkout Handler operations and processes the priceId parameter without sufficient validation or authorization checks. The root cause is classified under CWE-840 (Business Logic Errors), indicating that while cryptographic or injection protections may be in place, the application fails to properly validate that user-supplied priceId values correspond to legitimate, authorized pricing tiers before processing them in the payment workflow. This is a common issue in payment integration code where insufficient business rule enforcement allows attackers to request pricing configurations they should not have access to.

RemediationAI

Immediately upgrade mickasmt next-saas-stripe-starter beyond version 1.0.0 to obtain security patches; verify the fixed version from the official repository at https://vuldb.com/?id.352374 or the project maintainer. Implement server-side validation of all priceId parameters against an allowlist of legitimate Stripe price IDs authorized for the authenticated user's subscription tier, never trusting client-supplied pricing identifiers. Enforce stricter authorization checks in the generateUserStripe function to ensure the authenticated user is permitted to purchase the requested price before processing with Stripe. Add comprehensive audit logging for all price modification attempts and payment operations. Until patching is possible, restrict Checkout Handler access to trusted IP ranges and implement rate limiting on generateUserStripe API endpoints to reduce automated exploitation risk.

Share

CVE-2026-4547 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy