CVE-2019-19685 in nopCommerce
Сводка
по MITRE
RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF because GET requests can be used for renames and deletions.
If you want to get best quality of vulnerability data, you may have to visit VulDB.