Description
Bagisto SSTI vulnerability in type parameter can lead to RCE
Summary
Server-side template injection (SSTI) is possible in Bagisto through the `type` parameter of the admin product reporting view. Because the injected expression is evaluated on the server, it can lead to remote code execution (RCE) and other exploitation.
Details
- From an authenticated admin session (the route is under /admin/), go to
http://127.0.0.1:8000/admin/reporting/products/view?type={{7*7}}
- If the response contains 49 rather than the literal {{7*7}}, the value of `type` is being evaluated as a template expression instead of being treated as data.
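The following is an added example, not code from the advisory or from the Bagisto project. It turns the reproduction step above into two reusable checks: building the multiplication probe and deciding from a response body whether the template expression was evaluated, and scanning web-server access logs for template-delimiter markers in query parameters so that probing or exploitation of the `type` parameter can be spotted after the fact. The base URL is the local instance from the advisory, the access-log lines are constructed for the example, and the set of template delimiters is a generic list rather than anything derived from Bagisto's own code.

```python
"""
Probe construction, evaluation check and access-log scan for the Bagisto
`type` SSTI. Sample inputs are constructed; nothing here contacts a server.
"""
import re
from urllib.parse import parse_qs, urlencode, urlsplit

BASE_URL = "http://127.0.0.1:8000"            # assumed: local instance as in the advisory
ENDPOINT = "/admin/reporting/products/view"   # endpoint named in the advisory


def make_probe(a: int = 7, b: int = 7):
    """Return (payload, expected_text) for a multiplication canary.

    The advisory uses {{7*7}}. Larger factors (e.g. 1234*5678) make a
    coincidental match of the product elsewhere in the page far less likely.
    """
    return "{{" + f"{a}*{b}" + "}}", str(a * b)


def probe_url(a: int = 7, b: int = 7, base: str = BASE_URL) -> str:
    """Full probe URL; urlencode percent-encodes the braces for the query string."""
    payload, _ = make_probe(a, b)
    return f"{base}{ENDPOINT}?{urlencode({'type': payload})}"


def is_template_evaluated(body: str, a: int = 7, b: int = 7) -> bool:
    """True when the response shows the product and not the literal payload.

    The literal {{7*7}} contains no HTML-special characters, so it reads the
    same whether the template engine escaped it or not: seeing it back means
    the value was treated as data. The product is matched as a whole number
    so that e.g. "1490" does not count as "49".
    """
    payload, expected = make_probe(a, b)
    if payload in body:
        return False
    return re.search(rf"(?<!\d){re.escape(expected)}(?!\d)", body) is not None


# Request line of a combined-format access log; "target" keeps the query string.
REQUEST_RE = re.compile(r'"(?:GET|POST|PUT|PATCH) (?P<target>\S+) HTTP/[\d.]+"')
# Generic template delimiters: {{ }} and {% %} (Blade/Twig/Jinja style),
# Blade's unescaped {!! !!}, and ${ } used by several other engines.
SSTI_MARKERS = re.compile(r"\{\{|\{%|\{!!|\$\{")


def find_ssti_attempts(log_lines):
    """Return (path, parameter, decoded_value) for each query value carrying a marker."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        parts = urlsplit(m.group("target"))
        # parse_qs percent-decodes, so %7B%7B7*7%7D%7D arrives here as {{7*7}}
        for key, values in parse_qs(parts.query, keep_blank_values=True).items():
            for value in values:
                if SSTI_MARKERS.search(value):
                    hits.append((parts.path, key, value))
    return hits


# Constructed sample access-log lines (not real traffic): one ordinary report
# request, the advisory's {{7*7}} probe, and a ${...} variant of the same idea.
SAMPLE_LOG = [
    '10.0.0.5 - admin [01/Jan/2025:12:00:00 +0000] "GET /admin/reporting/products/view?type=sales HTTP/1.1" 200 5120',
    '10.0.0.9 - admin [01/Jan/2025:12:00:03 +0000] "GET /admin/reporting/products/view?type=%7B%7B7*7%7D%7D HTTP/1.1" 200 5122',
    '10.0.0.9 - admin [01/Jan/2025:12:00:07 +0000] "GET /admin/reporting/products/view?type=%24%7B7*7%7D HTTP/1.1" 200 5120',
]

if __name__ == "__main__":
    print("probe URL:", probe_url())
    for hit in find_ssti_attempts(SAMPLE_LOG):
        print("suspicious request:", hit)
```

For a live check, fetch `probe_url()` with the admin session's cookies and pass the response text to `is_template_evaluated()`; the log scan is deliberately not restricted to the `type` parameter, so it also surfaces the same markers sent to any other query parameter on the instance.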
Impact
Evaluation of attacker-controlled template expressions on the server can lead to remote code execution, including operating-system command injection, on the host running Bagisto.
Packages
Name
bagisto/bagisto
composer
Affected versions: < 2.3.10
Fixed version: 2.3.10
Related vulnerabilities
CVSS3: 9.8
nvd
about 1 month ago
Bagisto is an open source Laravel eCommerce platform. Versions prior to 2.3.10 are vulnerable to server-side template injection via the type parameter, which can lead to remote code execution or other exploitation. Version 2.3.10 fixes the issue.