AI Score
Confidence
Low
EPSS
Percentile
72.4%
Express-Cart before 1.1.6 allows remote attackers to create an admin user via an /admin/setup Referer header.
/admin/setup
github.com/mrvautin/expressCart/commit/baccaae9b0b72f00b10c5453ca00231340ad3e3b
hackerone.com/reports/343626
nvd.nist.gov/vuln/detail/CVE-2018-12457
www.npmjs.com/package/express-cart?activeTab=versions