AI Score
Confidence
High
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status.
github.com/MinoTauro2020/CVE-2023-43149