VYPR
Medium severity5.3NVD Advisory· Published May 17, 2026· Updated May 26, 2026

CVE-2018-25336

CVE-2018-25336

Description

jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HTML forms targeting endpoints , and to change user credentials, passwords, and affiliate account details when victims visit the attacker-controlled page.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.