CVE-2024-27499 Information

Description

Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option.

Reference

https://github.com/bagisto/bagisto/pull/9474 https://github.com/Ek-Saini/security/blob/main/xss-bagisto-v1.5.1