2 matches found
CVE-2021-39864
CVE-2021-39864 is a CSRF vulnerability in Adobe Commerce / Magento Open Source via a Wishlist Share Link. Affected: Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier, 2.3.7p1 and earlier. Impact: unauthenticated attacker could cause unauthorized additions to a customer’s cart withou...
CVE-2021-39864 Adobe Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Cart Addition
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery CSRF vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to...