Magento Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2018-5301 - Vulnerability Database

Magento Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2018-5301

Medium

Reference: CVE-2018-5301

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-5301

Title: Magento Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book aka APPSEC-1433.