Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows malicious user to add cart items via Add to cart.
opencart opencart 3.0.3.6