Severity: Critical
CVSS Score: 9.8
Versions of `express-cart` before 1.1.6 are vulnerable to privilege escalation. This vulnerability can be exploited so that normal users can escalate their privilege and add new administrator users. ## Recommendation Update to version 1.1.6 or later.