2 matches found
Cross-site Request Forgery (CSRF)
Overview NopCommerce.Nop.Core is an A set of core classes for nopCommerce, such as caching, events, helpers, and business objects for example, Order and Customer entities. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the "Run now" button of the "Schedule...
Cross-site Request Forgery (CSRF)
Overview NopCommerce.Core is an open-source e-commerce shopping cart solution. Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the "Run now" button of the "Schedule Tasks" functionality. An attacker can run a scheduled task without the victim users consent ...