The express-cart package through 1.1.10 for Node.js allows CSRF.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22403
Reference (s):
- https://security.netapp.com/advisory/ntap-20210909-0004/
- https://hackerone.com/reports/395944
The express-cart package through 1.1.10 for Node.js allows CSRF.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-22403
Reference (s):