Security Advisories - bagisto/bagisto - Packagist

bagisto/bagisto Security Advisories for v0.1.4-BETA3 (6)

[MEDIUM] Bagisto vulnerable to Insecure Direct Object Reference (IDOR)

PKSA-wb8p-jgfr-t7k3 CVE-2023-36238 GHSA-pmc7-hmmw-g96q

Affected version: <1.3.2

Reported by:
GitHub
[MEDIUM] Bagist Cross-site Scripting vulnerability

PKSA-77rb-vgws-7fh6 CVE-2024-27499 GHSA-w5mx-334j-6fwv

Affected version: <2.1.0

Reported by:
GitHub
[MEDIUM] Bagisto Cross-Site Request Forgery vulnerability

PKSA-w4jp-j8db-3n21 CVE-2023-36237 GHSA-7p7q-fjfw-v3gf

Affected version: <1.3.2

Reported by:
GitHub
[MEDIUM] Cross-site Scripting in Bagisto

PKSA-8qxk-cvft-wh5z CVE-2023-36236 GHSA-c962-g533-823f

Affected version: <1.3.2

Reported by:
GitHub
[HIGH] Bagisto CSRF Vulnerability

PKSA-snz4-ktkv-sv86 CVE-2019-14933 GHSA-pgwp-f3xh-m24g

Affected version: <0.1.5

Reported by:
GitHub
[MEDIUM] Authorization Bypass Through User-Controlled Key in Bagisto

PKSA-m35w-k2t4-s1nv CVE-2019-16403 GHSA-pwrf-q7h8-jjr7

Affected version: <0.1.5

Reported by:
GitHub