| Titolo | CodeAstro Food Ordering System in PHP CodeIgniter 18/2021 Cross Site Scripting |
|---|
| Descrizione | A critical Stored Cross-Site Scripting (XSS) vulnerability was discovered in the stores section of Food Ordering System in PHP CodeIgniter.
Attackers can inject malicious JavaScript via the patname field (POST parameter), which gets persistently stored in the database and executed whenever the profile page is viewed. |
|---|
| Fonte | ⚠️ https://github.com/Vanshdhawan188/Food-Ordering-System-in-PHP-CodeIgniter-/blob/main/Stored%20Cross-Site%20Scripting%20(XSS).md |
|---|
| Utente | Subhash Paudel (UID 66830) |
|---|
| Sottomissione | 08/06/2025 17:24 (1 Anno fa) |
|---|
| Moderazione | 15/06/2025 12:42 (7 days later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 312600 [CodeAstro Food Ordering System 1.0 POST Request Parameter /admin/store/edit/ Restaurant Name/Address cross site scripting] |
|---|
| Punti | 18 |
|---|