CVE-2023-45854

A Business Logic vulnerability in Shopkit 1.0 allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt