Описание
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:frogman_office_inc:cs-cart_japanese_edition:4.3.10-jp-1:*:*:*:*:*:*:*
cpe:2.3:a:frogman_office_inc:cs-cart_multivendor_japanese_edition:4.3.10-jp-1:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00356
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425
Связанные уязвимости
CVSS3: 5.3
github
больше 3 лет назад
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.
EPSS
Процентиль: 57%
0.00356
Низкий
5.3 Medium
CVSS3
5 Medium
CVSS2
Дефекты
CWE-425