Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via first name and last name from a low-privilege user. Version 2.3.10 fixes the issue.
oryginał ENCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XWebkul Bagisto
APPWebkul< 2.3.10
Powiązane podatności
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side t...
Bagisto is an open source laravel eCommerce platform. In versions on the 2.3 branch prior to 2.3.10, API route...
Bagisto is an open source laravel eCommerce platform. Prior to version 2.3.10, an Insecure Direct Object Refer...
Bagisto is an open source laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side t...
Bagisto is an open source laravel eCommerce platform. When product data that begins with a spreadsheet formula...