CVE-2017-2143
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, and CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier, are affected by an unauthenticated access-permission bypass (CWE-425) that allows a remote attacker to bypass restrictions and create a request to return a customer-purchased item...