Approved changes feed: RSS · Atom
cpe:2.3:a:n/a:bagisto:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | N/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78) |
|---|---|
| Product | Bagisto (5e31aa01-20c0-5327-994a-2924c9060981) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2026-6745 |
vulnerable | 2026-06-08 08:07:05.029642 |
Bagisto Custom Scripts cross site scripting
LOW (3.5)
A vulnerability was determined in Bagisto up to 2.3.15. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure and explains: "We already replied on the github advisories. All the security issues are addressed through security advisory. We will fix this in our upcomming releases."
Published: 2026-04-21T18:30:17.803Z
Updated: 2026-04-21T18:45:13.321Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2026-6744 |
vulnerable | 2026-06-08 08:07:05.029179 |
Bagisto Downloadable Link copy server-side request forgery
MEDIUM (6.3)
A vulnerability was found in Bagisto up to 2.3.15. Affected is the function copy of the component Downloadable Link Handler. The manipulation results in server-side request forgery. The attack may be launched remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure and explains: "We already replied on the github advisories. All the security issues are addressed through security advisory. We will fix this in our upcomming releases."
Published: 2026-04-21T18:00:17.506Z
Updated: 2026-04-22T13:27:41.715Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.