Persistent Cross-Site Scripting Vulnerability in Fast Food Ordering System by Fast Food Vendors
CVE-2022-32318

5.4MEDIUM

Key Information:

Vendor: Fast Food Ordering System Project
Status: Fast Food Ordering System
Vendor: CVE Published:; 14 July 2022

🔔 Create Fast Food Ordering System Project Vulnerability Alert

What is CVE-2022-32318?

A persistent cross-site scripting (XSS) vulnerability has been identified in the Fast Food Ordering System v1.0. This flaw allows attackers to inject malicious scripts into the application via the component /ffos/classes/Master.php?f=save_category. When users interact with the affected system, these scripts can be executed within their browsers, potentially leading to data theft, session hijacking, and other malicious activities. It is crucial for users and administrators to review their security practices and apply necessary patches to mitigate the risks associated with this vulnerability.

References

https://packetstormsecurity.com/files/167309/Fast-Food-Or...

x_refsource_MISC

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 14, 2022
Vulnerability Reserved
Jun 5, 2022

CVE-2022-32318 Data

JSON