8.8CVSS
8.7AI Score
0.001EPSS
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
8.8CVSS
8.6AI Score
0.001EPSS
8.8CVSS
8.8AI Score
0.001EPSS
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file uplad.
4.8CVSS
5.4AI Score
0.001EPSS