Solidus is an open source e-commerce system. A cross-site request forgery vulnerability exists in Solidus Solidus_auth_devise, which stems from a lack of CSRF authentication in the product. An attacker could send an unintended request to the server through this vulnerability.