CVE-2018-5301
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.
CSRF
Vendor | Product | Version |
---|---|---|
magento | magento | 𝑥 < 2.0.10 |
magento | magento | 2.1.0 ≤ 𝑥 < 2.1.2 |
magento | magento | 𝑥 < 2.0.10 |
magento | magento | 2.1.0 ≤ 𝑥 < 2.1.2 |
Common Weakness Enumeration