Description
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.
Remediation
References
Related Vulnerabilities
PHP Resource Management Errors Vulnerability (CVE-2011-1468)
WordPress Plugin Login Widget With Shortcode Cross-Site Request Forgery (3.1.1)
WordPress Plugin PHPFreeChat 'url' Parameter Cross-Site Scripting (0.2.8)
WordPress Plugin Gallery Plugin for WordPress-Envira Photo Gallery Cross-Site Scripting (1.8.3.2)