CVE-2026-21449 | Bagisto up to 2.3.9 special elements used in a template engine (GHSA-mqhg-v22x-pqj8)

January 2, 2026 Yanac

A vulnerability, which was classified as critical, has been found in Bagisto up to 2.3.9. The impacted element is an unknown function. This manipulation causes improper neutralization of special elements used in a template engine.

This vulnerability is registered as CVE-2026-21449. Remote exploitation of the attack is possible. No exploit is available.

It is advisable to upgrade the affected component.VulDB Recent EntriesRead More