Express Cart v1.1.16 Cross Site Request Forgery (CSRF) Vulnerability Allows Unauthorized Account Creation and Code Manipulation
CVE-2020-22403 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows attackers to add an administrator account, add discount code or other unspecified impacts.
Learn more about our Web Application Penetration Testing UK.