5 matches found
Magento Open Source allows Cross-Site Request Forgery (CSRF)
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery CSRF vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to a customer's cart by an unauthenticated attacker. Acces...
CVE-2021-39864
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery CSRF vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to...
CVE-2021-39864
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery CSRF vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to...
Cross site request forgery (csrf)
Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier and 2.3.7p1 and earlier are affected by a cross-site request forgery CSRF vulnerability via a Wishlist Share Link. Successful exploitation could lead to unauthorized addition to customer cart by an unauthenticated attacker. Access to...
CVE-2021-39864
CVE-2021-39864 is a CSRF vulnerability in Adobe Commerce / Magento Open Source via a Wishlist Share Link. Affected: Adobe Commerce versions 2.4.2-p2 and earlier, 2.4.3 and earlier, 2.3.7p1 and earlier. Impact: unauthenticated attacker could cause unauthorized additions to a customer’s cart withou...