403 Forbidden error (CSRF) when trying to checkout a verified certificate upgrade

I have created a course with a verified track. A student has enrolled in the course (in the audit track) and I have manually verified his ID. Now he is trying to upgrade his enrollment to a verified track (from /verify_student/upgrade/course-ID page) Whenever he clicks on the “Checkout” button,

he gets this error:

In my lms.log I get these messages:

Feb 21 22:06:17 edx-mooc [service_variant=lms][django.security.csrf][env:sandbox] WARNING [edx-mooc 26919] [csrf.py:160] - Forbidden (CSRF token missing or incorrect.): /verify_student/upgrade/course-v1:UEU+proba02+2020_04/

Feb 21 22:08:07 edx-mooc [service_variant=lms][lms.djangoapps.verify_student.views][env:sandbox] INFO [edx-mooc 26919] [views.py:289] - Entering payment and verification flow for user ‘21’, course ‘course-v1:UEU+proba02+2020_04’, with current step ‘None’.

I have checked that the CSRF token is sent as a cookie

Any help will be greatly appreciated.

Never mind, I think that the main problem is that I haven’t activated the CyberSource E-commerce module. The error message is deceiving, though.