3 matches found
CVE-2014-5516
KonaKart Storefront Application (DS Data Systems) prior to 7.3.0.0 is vulnerable to CSRF protection bypass that allows an attacker to hijack an administrator’s session by issuing a manipulated GET request to change a user email address. The issue is documented in CVE-2014-5516, with a remediation...
CVE-2014-5516
Cross-site request forgery CSRF vulnerability in the Storefront Application in DS Data Systems KonaKart before 7.3.0.0 allows remote attackers to hijack the authentication of administrators for requests that change a user email address via an unspecified GET request...
KonaKart Storefront Application Cross Site Request Forgery
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-5516 =================== "Cross-Site Request Forgery CSRF protection bypass" CWE-352 vulnerability in "KonaKart Storefront Application" Enterprise Java eCommerce product Vendor =================== DS Data Systems UK Ltd. Product...