Express Cart v1.1.16 Cross Site Request Forgery (CSRF) Vulnerability Allows Unauthorized Account Creation and Code Manipulation

Express Cart v1.1.16 Cross Site Request Forgery (CSRF) Vulnerability Allows Unauthorized Account Creation and Code Manipulation

CVE-2020-22403 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows attackers to add an administrator account, add discount code or other unspecified impacts.

Learn more about our Web Application Penetration Testing UK.