[MEDIUM] bagisto has a Cross Site Scripting (XSS) vulnerability in TinyMCE Image Upload (SVG)

PKSA-29h4-8qhb-8hq4 CVE-2025-62418 GHSA-fg89-g389-p346

Affected package: bagisto/bagisto

Affected version: <=2.3.7

Reported by:
GitHub