Lucene search
AdobeCVELIST:CVE-2019-7857HistoryAug 02, 2019 - 9:12 p.m.
CVE-2019-7857
2019-08-0221:12:21
adobe
www.cve.org
A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 can cause unwanted items to be added to a shopper’s cart due to an insufficiently robust anti-CSRF token implementation.
CNA Affected
[
{
"product": "Magento 2",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2"
}
]
}
]Related
nvd
nvd
CVE-2019-7857
2019-08-02 22:15:15
friendsofphp
friendsofphp
cve
cve
CVE-2019-7857
2019-08-02 22:15:15
osv
osv
Magento Cross-Site Request Forgery (CSRF)
2022-05-24 16:52:23
CVE-2019-7857
2019-08-02 22:15:15
github
github
Magento Cross-Site Request Forgery (CSRF)
2022-05-24 16:52:23
prion
prion
Cross site request forgery (csrf)
2019-08-02 22:15:00
openvas
openvas