Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-27997

Disclosure Date: February 19, 2021 (last updated February 22, 2025)
An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross Site Request Forgery (CSRF) protection may lead to elevation of privileges (e.g., /admin/customer/create to create an admin account).
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0