Ubercart - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2019-032

Project: UbercartDate: 2019-March-06Security risk: Moderately critical 12∕25 AC:None/A:Admin/CI:None/II:Some/E:Proof/TD:DefaultVulnerability: Cross Site Request ForgeryDescription: The Ubercart module provides a shopping cart and e-commerce features for Drupal.
The taxes module doesn't sufficiently protect the tax rate cloning feature. A malicious user could trick a store administrator into duplicating an existing tax rate by getting them to visit a specially-crafted URL.Solution: Install the latest version:

Reported By: 

Fixed By: 

Coordinated By: 

Path to article https://www.drupal.org/sa-contrib-2019-032