First published: Fri Nov 17 2023(Updated: )
Cross-site request forgery (CSRF) vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system.
Credit: vultures@jpcert.or.jp
Affected Software | Affected Version | How to fix |
---|---|---|
Cubecart Cubecart | <6.5.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this CubeCart vulnerability is CVE-2023-38130.
The severity of CVE-2023-38130 is high with a CVSS score of 8.1.
The CSRF vulnerability in CubeCart prior to 6.5.3 allows a remote unauthenticated attacker to delete data in the system.
CubeCart versions up to and exclusive of 6.5.3 are affected by this vulnerability.
To fix the CSRF vulnerability in CubeCart, upgrade to version 6.5.3 or newer.