2 matches found
CVE-2025-40675
A Reflected Cross-Site Scripting XSS vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the parameter 'query' in '/search'. This vulnerability can be exploited to stea...
CVE-2025-40675
CVE-2025-40675 is a reflected XSS vulnerability reported in Bagisto v2.0.0. The issue arises from the use of the URL parameter query in the /search endpoint, enabling an attacker to inject and execute arbitrary JavaScript in a victim’s browser. The impact described across sources includes potenti...