Home / os / winmobile

Shopware 5.3.7 Cross Site Request Forgery

Posted on 13 March 2018

Shopware versions 4.0.1 through 5.3.7 suffer from a cross site request forgery vulnerability. Malicious, third-party websites may abuse this API to list, add or remove products from a user's cart.

 

TOP