Privilege Escalation Vulnerability in express-cart <=1.1.5 Allows Unauthorized User Access

Privilege Escalation Vulnerability in express-cart <=1.1.5 Allows Unauthorized User Access

CVE-2018-16483 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators.

Learn more about our User Device Pen Test.