Improper Validation in Payment Integration for Computop Systems
CVE-2026-13223

6.3MEDIUM

Key Information:

Vendor: Pretix
Status: Pretix-computop
Vendor: CVE Published:; 25 June 2026

What is CVE-2026-13223?

The payment integration with Computop payment methods in Pretix failed to properly validate payment status responses. This vulnerability allows attackers to exploit the system by using a valid payment status response from one transaction and applying it to a different payment. Consequently, this could enable unauthorized access to multiple valid tickets, undermining the integrity of the ticketing system. Organizations using Pretix should be vigilant and ensure that they are updated to the latest version to mitigate this risk.

Affected Version(s)

pretix-computop 0 < 1.3.2

References

https://pretix.eu/about/en/blog/20260625-release-2026-5-2/

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 25, 2026
Vulnerability Reserved
Jun 24, 2026

Credit

Deepjyoti Roy

CVE-2026-13223 Data

JSON