Display purchase complete page while the app is not purchased

RESOLVED WONTFIX

Status

RESOLVED WONTFIX
6 years ago
6 years ago

People

(Reporter: xli, Unassigned)

Tracking

x86
Mac OS X
Points:
---

Details

(Reporter)

Description

6 years ago
Exploits:
1. I first purchase one app (e.g., novaskin here) and remembered the uuid parameter (cbb9ef1bd36441a296a3b5b9f15a55fa) within the redirection request returned by Paypal to the marketplace.

GET https://marketplace.mozilla.org/en-US/app/novaskin/purchase/complete?realurl=None&uuid=cbb9ef1bd36441a296a3b5b9f15a55fa HTTP 1.1

2. I replay the request with another app name (e.g. yohoho here) that I haven't purchased and the above uuid parameter to marketplace.

GET https://marketplace.mozilla.org/en-US/app/yohoho/purchase/complete?realurl=None&uuid=cbb9ef1bd36441a296a3b5b9f15a55fa HTTP 1.1

And I got a web page showing that the purchase of yohoho is complete. I was trying to trigger the app to be purchased, but it turned out to be an inconsistency of page display, not a security issue. I am just reporting this and not sure whether this is a serious bug that should be fixed. 

Thanks,
Xiaowei
(Reporter)

Updated

6 years ago
Group: client-services-security
our purchase flow is completely different.  closing
Status: NEW → RESOLVED
Last Resolved: 6 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.