Vikramrajvashisth

#15255 of 53,635
17.6 Total CVSS
Vulnerabilities · 2
High
2
PT-2019-14660
8.8
2019-09-18
Bagisto · Bagisto · CVE-2019-16403
**Name of the Vulnerable Software and Affected Versions**
Bagisto versions prior to 0.1.5

**Description**
The issue allows customers to manipulate other customers' values, including address, review, orders, etc.

**Recommendations**
For versions prior to 0.1.5, update to version 0.1.5 or later to resolve the issue.

PT-2019-13875
8.8
2019-08-11
Bagisto · Bagisto · CVE-2019-14933
**Name of the Vulnerable Software and Affected Versions**
Bagisto versions prior to 0.1.5

**Description**
The issue allows for CSRF under "/admin" URIs. This can potentially lead to unauthorized actions being performed on the application.

**Recommendations**
For versions prior to 0.1.5, update to version 0.1.5 or later to resolve the issue. As a temporary workaround, consider implementing CSRF protection measures, such as token-based validation, to mitigate the risk of exploitation. Restrict access to the "/admin" URI to minimize the risk of unauthorized actions.