CVE-2025-50847

6.5 MEDIUM

📋 TL;DR

A Cross-Site Request Forgery (CSRF) vulnerability in CS Cart 4.18.3 lets an attacker who lures a logged-in shopper to a malicious web page make that shopper's browser add products to their product comparison list without consent: the comparison endpoint honours any request that carries a valid session cookie and does not check an anti-CSRF token. Every user with an active session on a vulnerable CS Cart installation is affected; the attacker needs no account of their own.

💻 Affected Systems

Products:
  • CS Cart
Versions: 4.18.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: The advisory names only CS Cart 4.18.3; other versions have not been confirmed either way and should be treated as suspect until tested.

📦 What is this software?

CS Cart is a commercial, PHP-based e-commerce platform for online stores and multi-vendor marketplaces. Its product comparison feature lets a shopper collect products into a side-by-side comparison list tied to their session.

⚠️ Risk & Real-World Impact

🔴 Worst Case

If other state-changing endpoints lack the same protection, the same technique could be used to alter the victim's cart, account data or other authenticated state; the reported endpoint on its own only affects the comparison list.

🟠 Likely Case

Attackers add unwanted products to a victim's comparison list, causing minor inconvenience and confusion during the shopping session.

🟢 If Mitigated

With a per-session token check (and ideally an origin check) on the endpoint, forged cross-site requests are rejected and there is no impact.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: No (the attacker needs no account, but the victim must be logged in)
Complexity: LOW

Exploitation requires the victim to hold an active CS Cart session and to visit an attacker-controlled page, which submits a hidden form or request to the comparison endpoint in the victim's browser. The GitHub reference contains proof-of-concept details.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://cs.com

Restart Required: No

Instructions:

Check the vendor advisory linked above for an official fix. Until a fixed release is available, apply the workarounds below or add token validation to the affected endpoint yourself.

🔧 Temporary Workarounds

Implement CSRF Tokens


Add a per-session, unguessable anti-CSRF token to every state-changing form and request, starting with the product comparison endpoint, and reject any request whose token is missing or does not match the session's token. Reject state changes made over GET as well, so that a plain link or image tag cannot trigger them.

This means modifying CS Cart's own controllers and templates; keep the change as a separate patch so it survives the next upgrade and can be dropped once the vendor ships a fix.

SameSite Cookie Attribute


Set SameSite=Strict or SameSite=Lax on the session cookie so the browser does not attach it to cross-site requests. Lax blocks cross-site POSTs but still sends the cookie on top-level GET navigations, so it only helps if the comparison endpoint refuses GET; Strict also covers GET but breaks flows that return to the store from another site (payment gateway redirects, links from email), which then arrive without a session.

Set session.cookie_samesite = "Strict" (or "Lax") in php.ini (PHP 7.3 or later). If CS Cart issues its session cookie through its own session handler rather than PHP's, set the attribute where that cookie is issued. Treat this as defence in depth, not a replacement for token validation.

🧯 If You Can't Patch

  • Add a WAF or reverse-proxy rule that rejects POSTs to state-changing paths (at least the comparison endpoint) whose Origin or Referer is not the store's own origin, or whose Sec-Fetch-Site header is cross-site; test it against legitimate checkout and payment-return flows before enforcing
  • Educate users about phishing risks and encourage logging out after sessions

🔍 How to Verify

Check if Vulnerable:

Log in to a test account, then from a page hosted on a different origin submit an auto-submitting form (and a plain GET link) to the comparison endpoint with a product ID. If the product appears in the comparison list, the endpoint accepts cross-site requests without a CSRF token and the installation is vulnerable.

Check Version:

Check CS Cart admin panel or version file for exact version number

Verify Fix Applied:

Verify that all state-changing endpoints require and validate a per-session CSRF token, then repeat the cross-origin form and GET test above and confirm the request is rejected (for example with a 403) and the comparison list is unchanged.
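The following is an added example, not CS Cart code, serving both the "Implement CSRF Tokens" workaround above and the cross-origin check described under How to Verify. It models the comparison endpoint once in its vulnerable form (any request with a session cookie is honoured) and once hardened with a per-session synchronizer token plus a same-site provenance check, and shows the Set-Cookie value for the SameSite workaround. The endpoint path, the form field names, the store origin and the scenario requests are all assumptions made for illustration.

```python
"""Added example (not CS Cart's code): vulnerable vs. hardened comparison endpoint.
Endpoint path, field names and store origin are assumptions for illustration."""
import hmac
import secrets
from dataclasses import dataclass
from urllib.parse import urlsplit

STORE_ORIGIN = "https://shop.example"          # assumed store origin
COMPARISON_PATH = "/comparison/add"            # assumed endpoint path


@dataclass
class Request:
    method: str
    path: str
    headers: dict                              # request headers
    form: dict                                 # decoded form / query parameters
    session: dict                              # server-side session the cookie resolves to


def issue_csrf_token(session: dict) -> str:
    """Mint one unguessable token per session; embed it in every state-changing form."""
    if "csrf_token" not in session:
        session["csrf_token"] = secrets.token_urlsafe(32)
    return session["csrf_token"]


def request_is_same_site(req: Request) -> bool:
    """Fetch Metadata first (modern browsers), Origin/Referer as fallback; fail closed."""
    sfs = req.headers.get("Sec-Fetch-Site")
    if sfs is not None:
        # "none" = user-typed navigation; "same-site" = the store's own subdomains
        return sfs in ("same-origin", "same-site", "none")
    src = req.headers.get("Origin") or req.headers.get("Referer")
    if not src:
        return False  # no provenance at all: reject (add an allowlist if proxies strip Referer)
    p = urlsplit(src)
    return f"{p.scheme}://{p.netloc}" == STORE_ORIGIN


def add_to_comparison_vulnerable(req: Request) -> int:
    """Pre-fix behaviour as the advisory describes: any request carrying a
    valid session cookie is honoured, whatever site issued it."""
    req.session.setdefault("comparison", []).append(req.form.get("product_id"))
    return 200


def add_to_comparison_hardened(req: Request) -> int:
    """Hardened handler: POST only, same-site provenance, valid per-session token."""
    if req.method != "POST":
        return 405                              # GET must never mutate state
    if not request_is_same_site(req):
        return 403
    expected = req.session.get("csrf_token", "")
    supplied = req.form.get("csrf_token", "")
    # constant-time compare on bytes; rejects missing, stale and guessed tokens
    if not expected or not hmac.compare_digest(expected.encode(), supplied.encode()):
        return 403
    req.session.setdefault("comparison", []).append(req.form.get("product_id"))
    return 200


def session_cookie(session_id: str, samesite: str = "Lax") -> str:
    """Set-Cookie value for the session cookie. Lax blocks cross-site POST;
    Strict also blocks cross-site GET but breaks return-from-payment-gateway flows."""
    return f"sid={session_id}; Path=/; Secure; HttpOnly; SameSite={samesite}"


def run_scenarios() -> dict:
    """Constructed requests: one legitimate, two forged from an attacker page."""
    victim = {}
    token = issue_csrf_token(victim)
    legit = Request("POST", COMPARISON_PATH,
                    {"Origin": STORE_ORIGIN, "Sec-Fetch-Site": "same-origin"},
                    {"product_id": "123", "csrf_token": token}, victim)
    forged = Request("POST", COMPARISON_PATH,
                     {"Origin": "https://attacker.example", "Sec-Fetch-Site": "cross-site"},
                     {"product_id": "999"}, victim)
    # Older browser without Fetch Metadata; attacker page sets Referer and guesses a token
    forged_guess = Request("POST", COMPARISON_PATH,
                           {"Referer": "https://attacker.example/prize.html"},
                           {"product_id": "999", "csrf_token": "A" * 43}, victim)
    unpatched_victim = {"csrf_token": token}
    forged_unpatched = Request("POST", COMPARISON_PATH, forged.headers, forged.form, unpatched_victim)
    return {
        "vulnerable_accepts_forged": add_to_comparison_vulnerable(forged_unpatched),
        "hardened_accepts_legit": add_to_comparison_hardened(legit),
        "hardened_rejects_forged": add_to_comparison_hardened(forged),
        "hardened_rejects_guess": add_to_comparison_hardened(forged_guess),
        "vulnerable_list": list(unpatched_victim["comparison"]),
        "hardened_list": list(victim["comparison"]),
    }


if __name__ == "__main__":
    print(run_scenarios())
```

The origin check alone is not enough on its own (older browsers send no Sec-Fetch-Site, and some proxies strip Referer), and the token alone does not stop a cross-site GET if the endpoint accepts one; the hardened handler applies both and refuses GET, which is the combination a reviewer should look for when verifying a fix.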

📡 Detection & Monitoring

Log Indicators:

  • POSTs to the comparison endpoint from a client that has not fetched any store page shortly beforehand (a forged request is fired from the attacker's page, not from a product page)
  • Requests to state-changing endpoints with a missing or invalid CSRF token (only visible if the application logs the token check; plain access logs do not record POST bodies)

Network Indicators:

  • HTTP POST requests to comparison endpoints whose Referer (or Origin) is an external domain, or is absent

SIEM Query:

source="web_logs" AND (uri_path="/comparison/add" OR uri_path LIKE "%/comparison%") AND http_method="POST" AND NOT referer LIKE "https://<store-host>/%"

If the application logs its CSRF check, add: AND NOT csrf_token=* (the original query used this alone, but the field does not exist in web-server access logs). Expect some noise from missing Referers caused by Referrer-Policy or privacy tools; treat them as leads, not confirmation.
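The detection logic above, as an added example that is not part of the advisory: it applies the two log indicators (external or missing Referer on a comparison POST, and a comparison POST with no recent page view from the same client) to constructed combined-format access log lines. The store host, the endpoint pattern, the time window and the sample lines are assumptions made for the example.

```python
"""Added example (not from the advisory): CSRF indicators over access logs.
Store host, endpoint pattern, window and the sample lines are constructed."""
import re
from datetime import datetime, timedelta
from urllib.parse import urlsplit

STORE_HOST = "shop.example"                          # assumed store host
COMPARISON_RE = re.compile(r"/comparison(?:/|$|\?)")  # assumed endpoint pattern
PAGE_VIEW_WINDOW = timedelta(seconds=120)            # a real POST follows a recent page view

# Apache/nginx "combined" format: ip ident user [ts] "req" status bytes "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: 203.0.113.5 browses then adds a product; 198.51.100.9 is
# hit by a forged form on attacker.example (second line: Referer stripped)
SAMPLE_LOG = """\
203.0.113.5 - - [10/Jul/2025:10:01:02 +0000] "GET /products/123 HTTP/1.1" 200 5120 "https://shop.example/" "Mozilla/5.0"
203.0.113.5 - - [10/Jul/2025:10:01:07 +0000] "POST /comparison/add HTTP/1.1" 200 312 "https://shop.example/products/123" "Mozilla/5.0"
198.51.100.9 - - [10/Jul/2025:10:02:11 +0000] "POST /comparison/add HTTP/1.1" 200 312 "https://attacker.example/prize.html" "Mozilla/5.0"
198.51.100.9 - - [10/Jul/2025:10:02:11 +0000] "POST /comparison/add HTTP/1.1" 200 312 "-" "Mozilla/5.0"
"""


def parse(line: str):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def find_suspicious_comparison_posts(lines):
    """Return comparison POSTs with an external/missing Referer or no recent page view."""
    last_page_view = {}   # client ip -> time of its most recent GET against the store
    findings = []
    for raw in lines:
        rec = parse(raw)
        if rec is None:
            continue
        if rec["method"] == "GET":
            last_page_view[rec["ip"]] = rec["ts"]
            continue
        if rec["method"] != "POST" or not COMPARISON_RE.search(rec["uri"]):
            continue
        reasons = []
        ref = rec["referer"]
        if ref in ("-", ""):
            reasons.append("missing referer")   # noisy alone: Referrer-Policy, privacy tools
        elif urlsplit(ref).hostname != STORE_HOST:
            reasons.append(f"cross-site referer {urlsplit(ref).hostname}")
        seen = last_page_view.get(rec["ip"])
        if seen is None or rec["ts"] - seen > PAGE_VIEW_WINDOW:
            reasons.append("no recent page view from this client")
        if reasons:
            findings.append({"ip": rec["ip"], "uri": rec["uri"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for finding in find_suspicious_comparison_posts(SAMPLE_LOG.splitlines()):
        print(finding)
```

The page-view heuristic keys on client IP, so it produces false positives behind shared NAT or a CDN that does not forward the client address; the Referer check is the stronger signal, and a hit on both is worth an alert.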

🔗 References
