[MEDIUM] bagisto has Server Side Template Injection (SSTI) in Product Description

PKSA-tfym-n9wv-r1z9 CVE-2025-62416 GHSA-527q-4wqv-g9wj

Affected package: bagisto/bagisto

Affected version: <=2.3.7

Reported by:
GitHub