CVE-2020-27997
Published
CVSS v3
8.8
HIGH
CVSS v2
6.8
MEDIUM
Affected
1
PROJECT
Description
An issue was discovered in SmartStoreNET before 4.1.0. Lack of Cross Site Request Forgery (CSRF) protection may lead to elevation of privileges (e.g., /admin/customer/create to create an admin account).
Open Source ASP.NET MVC Enterprise eCommerce Shopping Cart Solution
GitHub