Vulnerability Details CVE-2017-2143
CS-Cart Japanese Edition v4.3.10-jp-1 and earlier, CS-Cart Multivendor Japanese Edition v4.3.10-jp-1 and earlier allows remote attackers to bypass access restriction to create a request to return a customer purchased item via rma.post.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.2%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
Products affected by CVE-2017-2143
-
cpe:2.3:a:frogman_office_inc:cs-cart_japanese_edition:4.3.10-jp-1
-
cpe:2.3:a:frogman_office_inc:cs-cart_multivendor_japanese_edition:4.3.10-jp-1