Timllayo

**Name of the Vulnerable Software and Affected Versions** Juunan06 eCommerce through 2018-08-05 **Description** An issue was discovered that allows for a CSRF vulnerability in the ee/eBoutique/app/template/includes/crudTreatment.php file, enabling the addition of new users and products. **Recommendations** For versions through 2018-08-05, as a temporary workaround, consider restricting access to the crudTreatment.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.