High severity8.8NVD Advisory· Published Aug 2, 2017· Updated Jun 17, 2026
CVE-2017-2138
CVE-2017-2138
Description
Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and earlier (excluding v2 and v3) allows remote attackers to hijack the authentication of administrators via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5- cpe:2.3:a:cs-cart:cs-cart_multivendor:*:*:*:*:japanese:*:*:*Range: <=4.3.10
<=4.3.10 (excluding v2 and v3)+ 2 more
- (no CPE)range: <=4.3.10 (excluding v2 and v3)
- (no CPE)range: <=4.3.10 (excluding v2 and v3)
- (no CPE)range: v4.3.10 and earlier (excluding v2 and v3)
Patches
Vulnerability mechanics
References
2- tips.cs-cart.jp/fix-csrf-20170406.htmlnvdVendor Advisory
- jvn.jp/en/jp/JVN87770873/index.htmlnvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.