Description
Cross Site Request Forgery (CSRF) vulnerability in Express cart v1.1.16 allows attackers to add an administrator account, add discount code or other unspecified impacts.
Remediation
References
https://github.com/mrvautin/expressCart/issues/120
Related Vulnerabilities
CVE-2016-6637 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-login
CVE-2023-45857 Vulnerability in maven package org.webjars.bower:axios
CVE-2023-49396 Vulnerability in maven package com.jfinal:jfinal
CVE-2022-3978 Vulnerability in npm package nodebb
CVE-2022-41227 Vulnerability in maven package io.jenkins.plugins:cavisson-ns-nd-integration