CVE-2026-6745 | Bagisto up to 2.3.15 Custom Scripts cross site scripting

A vulnerability was found in Bagisto up to 2.3.15. It has been rated as problematic. Affected by this vulnerability is an unknown functionality of the component Custom Scripts Handler. This manipulation causes cross site scripting.

This vulnerability is registered as CVE-2026-6745. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure and explains: “We already replied on the github advisories. All the security issues are addressed through security advisory. We will fix this in our upcomming releases.”VulDB Recent EntriesRead More