CVE-2019-16403

EUVD-2019-0761
In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 51%
Affected Products (NVD)
VendorProductVersion
webkulbagisto
𝑥
< 0.1.5
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/bagisto/bagisto/issues/749
https://github.com/bagisto/bagisto/issues/749