| Título | CodeAstro Food Ordering System in PHP CodeIgniter 18/2021 Cross Site Scripting |
|---|
| Descripción | A critical Stored Cross-Site Scripting (XSS) vulnerability was discovered in the stores section of Food Ordering System in PHP CodeIgniter.
Attackers can inject malicious JavaScript via the patname field (POST parameter), which gets persistently stored in the database and executed whenever the profile page is viewed. |
|---|
| Fuente | ⚠️ https://github.com/Vanshdhawan188/Food-Ordering-System-in-PHP-CodeIgniter-/blob/main/Stored%20Cross-Site%20Scripting%20(XSS).md |
|---|
| Usuario | Subhash Paudel (UID 66830) |
|---|
| Sumisión | 2025-06-08 17:24 (hace 1 Año) |
|---|
| Moderación | 2025-06-15 12:42 (7 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 312600 [CodeAstro Food Ordering System 1.0 POST Request Parameter /admin/store/edit/ Restaurant Name/Address secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 18 |
|---|