JVN#14396697: CS-Cart Japanese Edition fails to restrict access permissions

2017-04-10T00:00:00
ID JVN:14396697
Type jvn
Reporter Japan Vulnerability Notes
Modified 2017-04-10T00:00:00

Description

## Description

CS-Cart is a system for creating online shopping websites. CS-Cart Japanese Edition fails to restrict access permissions (CWE-425).

## Impact

An unauthenticated remote attacker may obtain consumer's information such as its name and street address registered in the website.

## Solution

Update the Software
Update to the latest version according to the information provided by the developer.

## Products Affected

  • CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3)
  • CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3)