Mirumee - Saleor CVE

Filtered by vendor Mirumee Subscribe

Filtered by product Saleor

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-13594	1 Mirumee	1 Saleor	2019-07-17	6.8 MEDIUM	8.8 HIGH
In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server.

Vulnerabilities (CVE)