
CVE-2020-28838:
OpenCart Cross-Site Request Forgery (CSRF)

CVSS Score (v3.1): 3.5

Basic Information

EPSS Score: 0.2782%
Published: 5/24/2022
Updated: 4/23/2024
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

Package Name        Ecosystem   Vulnerable Versions   First Patched Version
opencart/opencart   composer    = 3.0.3.6

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The proof of concept demonstrates the CSRF vulnerability through a POST request to the checkout/cart/add endpoint that carries no anti-CSRF token. In OpenCart's architecture this maps to the add() method of the cart controller. The absence of token validation in that method (as shown by the PoC's token-less request) is what makes it exploitable; the vulnerability's nature (CSRF on cart addition) and its exploit mechanism directly implicate this controller method.
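The defect class described above, as an added illustrative PHP model that is not OpenCart's own controller code: a state-changing cart handler with no token check beside the same handler gated on a session-bound token. Function names, the in-memory $cart array and the csrf_token field are assumptions made for this example.

```php
<?php
// Illustrative model of the CSRF defect class, not OpenCart's own code.
// Function names, the $cart array and the csrf_token field are assumptions.
session_start();

// Core cart logic, shared by both handlers below.
function apply_cart_add(array $post, array &$cart): void {
    $productId = (int)($post['product_id'] ?? 0);
    $quantity  = max(1, (int)($post['quantity'] ?? 1));
    $cart[$productId] = ($cart[$productId] ?? 0) + $quantity;
}

// Vulnerable pattern: any POST that arrives with a valid session cookie is
// honoured, so a form auto-submitted from another origin adds items as well.
function cart_add_vulnerable(array $post, array &$cart): void {
    apply_cart_add($post, $cart);
}

// Per-session secret. Only same-origin pages can read it and echo it back;
// a cross-site request gets the cookie attached by the browser, never the token.
function csrf_token(): string {
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

// Hardened pattern: reject the request unless the submitted token matches the
// session's token (constant-time compare), then apply the same cart logic.
function cart_add_protected(array $post, array &$cart): bool {
    $sent = (string)($post['csrf_token'] ?? '');
    if ($sent === '' || !hash_equals(csrf_token(), $sent)) {
        http_response_code(403);
        return false; // token missing or wrong: treated as a forged request
    }
    apply_cart_add($post, $cart);
    return true;
}

// Demo with constructed inputs: a cross-site form post carries no token, while
// a same-origin form (hidden input named csrf_token) carries the right one.
$cart = [];
$crossSite  = ['product_id' => 42, 'quantity' => 3];
$sameOrigin = $crossSite + ['csrf_token' => csrf_token()];
var_dump(cart_add_protected($crossSite, $cart));  // rejected, cart unchanged
var_dump(cart_add_protected($sameOrigin, $cart)); // accepted
var_dump($cart);
```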

WAF Protection Rules

WAF Rule

Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. OpenCart CMS 3.0.3.6 allows attacker to add cart items via add to cart.
