Authorization Vulnerability in Webkul Bagisto E-commerce Platform

CVE-2019-16403

What is CVE-2019-16403?

In the Webkul Bagisto e-commerce platform prior to version 0.1.5, an authorization bypass vulnerability allows customers to modify data belonging to other users. This includes critical functionalities such as changing addresses, managing reviews, and altering order details, posing significant risks to customer privacy and data integrity.

References