Description
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.
Remediation
References
Related Vulnerabilities
Drupal Improper Input Validation Vulnerability (CVE-2019-6342)
PHP CVE-2012-2688 Vulnerability (CVE-2012-2688)
Moodle CVE-2019-14880 Vulnerability (CVE-2019-14880)
Cherokee Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-2191)
WordPress Plugin Custom Login Page Customizer-LoginPress Unspecified Vulnerability (1.1.15)