CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.
CPE | Name | Operator | Version |
---|---|---|---|
cs-cart_japanese_edition | eq | 4.3.10-jp-1 | |
cs-cart_multivendor_japanese_edition | eq | 4.3.10-jp-1 |