Skip to main content

CS-Cart CVE-2025-50847

MEDIUM
Cross-Site Request Forgery (CSRF) (CWE-352)
2025-07-31 cve@mitre.org
6.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
vuln.today AI
4.3 MEDIUM

CSRF inherently requires UI:R; comparison list modification yields I:L only, with no confidentiality or availability impact.

3.1 AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (mitre).

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

1
Analysis Generated
Jul 05, 2026 - 03:57 vuln.today

DescriptionCVE.org

Cross Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3, allows attackers to add products to a user's comparison list via a crafted HTTP request.

AnalysisAI

Cross-Site Request Forgery in CS-Cart 4.18.3 permits an attacker to silently add arbitrary products to an authenticated user's comparison list by tricking the victim into loading a crafted HTTP request. The impact is confined to unauthorized modification of the comparison list feature - no data exfiltration or account takeover is possible via this vector. No public exploit identified at time of analysis, and the EPSS score of 0.14% (4th percentile) reflects very low real-world exploitation interest.

Technical ContextAI

CS-Cart (cpe:2.3:a:cs-cart:cs-cart:4.18.3:*:*:*:*:*:*:*) is a PHP-based commercial e-commerce platform. CWE-352 (Cross-Site Request Forgery) describes a root cause where a web application accepts state-changing requests without verifying that the request originated from the legitimate user's own session - typically because anti-CSRF tokens are absent or not validated on the endpoint that manages the comparison list. An attacker who can serve content to a victim's browser (e.g., via a malicious link or embedded iframe) can forge a request that the victim's authenticated session will sign, causing the server to act on the attacker's behalf. The vulnerability is specific to version 4.18.3; no CPE data indicates earlier or later versions are confirmed affected.

RemediationAI

No vendor-released patch has been identified at time of analysis - the only available reference is a researcher-authored GitHub disclosure with no corresponding CS-Cart vendor advisory or patched release version. CS-Cart users on version 4.18.3 should monitor the official CS-Cart changelog and security advisories for a fix. As a compensating control, site administrators can consider disabling or restricting access to the product comparison feature if it is not business-critical, which eliminates the attack surface entirely. Additionally, a Web Application Firewall (WAF) rule that enforces the presence of a valid Referer or Origin header on state-changing requests can reduce exposure, though this is not a substitute for proper server-side CSRF token validation. Restricting the comparison list endpoint to authenticated sessions only - if not already the case - limits the attack to scenarios where the victim is logged in. The researcher disclosure is at https://github.com/hackerwahab/CS-Cart-Vulns/blob/main/CVE-2025-50847.md.

CVE-2015-2701 MEDIUM POC
6.8 Mar 25

Cross-site request forgery (CSRF) vulnerability in CS-Cart 4.2.4 allows remote attackers to hijack the authentication of

CVE-2016-4862 HIGH
8.8 Apr 20

Twigmo bundled with CS-Cart 4.3.9 and earlier and Twigmo bundled with CS-Cart Multi-Vendor 4.3.9 and earlier allow remot

CVE-2017-2138 HIGH
8.8 Aug 02

Cross-site request forgery (CSRF) vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), C

CVE-2025-50850 HIGH
8.6 Jul 31

Credential brute-forcing against CS-Cart 4.18.3 is possible because the vendor login endpoint ships without CAPTCHA, rat

CVE-2017-15673 HIGH
7.2 Nov 28

The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP

CVE-2025-50848 MEDIUM
6.1 Jul 31

Unrestricted HTML file upload in CS-Cart 4.18.3 enables stored cross-site scripting and phishing attacks against users o

CVE-2021-32202 MEDIUM
6.1 Sep 14

In CS-Cart version 4.11.1, it is possible to induce copy-paste XSS by manipulating the "post description" filed in the b

CVE-2017-10886 MEDIUM
5.4 Nov 17

Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multiv

CVE-2017-2139 MEDIUM
5.3 Apr 28

CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10 and ear

CVE-2013-0118 MEDIUM
5.0 Feb 24

CS-Cart before 3.0.6, when PayPal Standard Payments is configured, allows remote attackers to set the payment recipient

CVE-2013-7317 MEDIUM
4.3 Jan 24

Multiple cross-site scripting (XSS) vulnerabilities in CS-Cart before 4.1.1 allow remote attackers to inject arbitrary w

Share

CVE-2025-50847 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy