Access Restriction Bypass in CS-Cart Japanese Edition v4.3.10-jp-1 and earlier

CVE-2017-2143 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.

Learn more about our Web Application Penetration Testing UK.