Medium severity5.3NVD Advisory· Published May 17, 2026· Updated May 26, 2026
CVE-2018-25336
CVE-2018-25336
Description
jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HTML forms targeting endpoints , and to change user credentials, passwords, and affiliate account details when victims visit the attacker-controlled page.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.