SourceCodester Online Food Ordering System Category List cross site scripting
CVE-2023-0258

6.1MEDIUM

Key Information:

Vendor: SourceCodester
Status: Online Food Ordering System
Vendor: CVE Published:; 12 January 2023

Summary

A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Category List Handler. The manipulation of the argument Reason with the input ">prompt(1) leads to cross site scripting. The attack may be launched remotely. VDB-218186 is the identifier assigned to this vulnerability.

Affected Version(s)

Online Food Ordering System 2.0

References

https://vuldb.com/?id.218186

vdb-entrytechnical-description

https://vuldb.com/?ctiid.218186

signature

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Jan 12, 2023
Vulnerability Reserved
Jan 12, 2023

Credit

lucifoxer001 (VulDB User)