Customer Data Manipulation Vulnerability in Webkul Bagisto

Customer Data Manipulation Vulnerability in Webkul Bagisto

CVE-2019-16403 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.

Learn more about our Web App Pen Testing.