JVN#73776243: EC-CUBE vulnerable to cross-site request forgery
EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability CWE-352. Impact If an administrator views a malicious page while logged in, unintended operations may be performed. Solution Apply the update or the...