CVE-2026-27708

Source
https://cve.org/CVERecord?id=CVE-2026-27708
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-27708.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-27708
Aliases
  • GHSA-p36w-9x66-488j
Published
2026-06-24T19:24:50.417Z
Modified
2026-07-15T01:49:13.601165856Z
Severity
  • 7.1 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
FOSSBilling: IDOR in Servicecustom Client API allows cross-client data access
Details

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, the Servicecustom Client API's _call method accepts an orderid parameter and fetches the associated order without verifying the authenticated client owns it, potentially exposing cross-client data through IDOR. An authenticated client can access any other client's custom service by guessing sequential order IDs. This can lead to a confidentiality breach — attackers can read client PII (name, email, phone, address, company details, VAT number) and service configuration data belonging to other clients. This issue has been fixed in version 0.8.0.

Database specific
{
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-284",
        "CWE-639",
        "CWE-862"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/27xxx/CVE-2026-27708.json"
}
References

Affected packages

Git / github.com/fossbilling/fossbilling

Affected ranges

Type
GIT
Repo
https://github.com/fossbilling/fossbilling
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "0.8.0"
        }
    ]
}

Affected versions

0.*
0.1.0
0.1.1
0.2.0
0.2.1
0.2.10
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
0.2.8
0.2.9
0.3.0
0.4.0
0.4.1
0.4.2
0.4.3
0.5.0
0.5.1
0.5.2
0.5.3
0.5.4
0.5.5
0.6.0
0.6.1
0.6.10
0.6.11
0.6.12
0.6.13
0.6.14
0.6.15
0.6.16
0.6.17
0.6.18
0.6.19
0.6.2
0.6.20
0.6.21
0.6.22
0.6.3
0.6.4
0.6.5
0.6.6
0.6.7
0.6.8
0.6.9
0.7.0
0.7.1
0.7.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-27708.json"