Data

Tools

Indexes

Applications

Experiments

Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS0zajZtLW01djUtOTc4Nc4AAm2e

Low EPSS: 0.00096% (0.27879 Percentile) EPSS:
Permalink JSON

OpenCart Cross-Site Request Forgery (CSRF)

Affected Packages Affected Versions Fixed Versions
packagist:opencart/opencart = 3.0.3.6 No known fixed version
12 Dependent packages
15 Dependent repositories
35,114 Downloads total

Affected Version Ranges

All affected versions

Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart.

References:

Identifiers

GHSA-3j6m-m5v5-9785

CVE-2020-28838

Risk

Severity

Low

EPSS

EPSS Percentage: 0.00096

EPSS Percentile: 0.27879

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Date and time

Published

about 3 years ago

Updated

over 1 year ago

API

JSON