CVE-2019-16403

Published September 18th, 2019

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.

bagisto/bagisto

Free and open source laravel eCommerce platform

GitHub

27.3K