Lockon : Security Vulnerabilities, CVEs, Published In 2015 (CSRF)
Cross-site request forgery (CSRF) vulnerability in LOCKON EC-CUBE 2.11.0 through 2.13.3 allows remote attackers to hijack the authentication of arbitrary users for requests that write to PHP scripts, related to the doValidToken function.
Max CVSS
5.1
EPSS Score
0.16%
Published
2015-10-27
Updated
2015-10-28
1 vulnerabilities found