CVE-2020-28838
LOW3.5EPSS 0.10%OpenCart Cross-Site Request Forgery (CSRF)
Published: 5/24/2022Modified: 4/23/2024
Also known as:GHSA-3j6m-m5v5-9785
Description
Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.
Affected packages (1)
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.5 | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |