CNNVD-202510-2293 Information

CNNVD ID

CNNVD-202510-2293

Related CVE

CVE-2025-62417

• CNNVD Published: 2025-10-16

Description (Chinese)

Webkul Software Bagisto是印度Webkul Software公司的一套开源的电子商务框架。 Webkul Software Bagisto 2.3.8之前版本存在安全漏洞，该漏洞源于未正确处理电子表格公式字符，可能导致数据渗漏和远程命令执行。

Description (English)

Webkul Software Bagisto is an open-source e-commerce framework for Webkul Software in India. There was a security loophole in the pre-Webkul Software Bagisto 2.3.8 version, which resulted from the incorrect handling of spreadsheet formula characters, which could lead to data leakage and remote command execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Webkul Software

Published

2025-10-16

Last Modified

2026-02-24

References

https://github.com/bagisto/bagisto/security/advisories/GHSA-jqrp-58fv-w8cq https://access.redhat.com/security/cve/cve-2025-62417

Patch

https://bagisto.com/en/download/