Description
A cross-site request forgery (CSRF) vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited at the time of editing or configuration.
Remediation
References
Related Vulnerabilities
Apache HTTP Server CVE-2007-3304 Vulnerability (CVE-2007-3304)
WordPress Plugin Migration, Backup, Staging-WPvivid PHAR Deserialization (0.9.74)
WordPress Plugin Efence Multiple Cross-Site Scripting Vulnerabilities (1.3.2)
Oracle JRE CVE-2023-21954 Vulnerability (CVE-2023-21954)
WordPress Plugin Display Widgets Cross-Site Scripting (2.03)