Solidus is an open source e-commerce system. A cross-site request forgery vulnerability exists in Solidus Solidus_auth_devise, which stems from a lack of CSRF authentication in the product. An attacker could send an unintended request to the server through this vulnerability.
CPE | Name | Operator | Version |
---|---|---|---|
solidus Solidus >=1.0.0, | lt | 2.5.4 |