CVE-2020-22403

CVE-2020-22403

The express-cart package through 1.1.10 for Node.js allows CSRF.

Source: CVE-2020-22403