| 제목 | SourceCodester Online Food Ordering System 1.0 Cross Site Scripting |
|---|
| 설명 | A stored cross-site scripting (XSS) vulnerability exists in Online Food Ordering System 1.0. The flaw is found in the Category management module within the admin panel (/admin/?page=maintenance). The application fails to sanitize the 'Category Name' POST parameter before storing it in the SQLite database. This allows an authenticated attacker to inject arbitrary JavaScript that executes whenever the category list is viewed by an administrator or user. |
|---|
| 원천 | ⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Online-Food-Ordering-System/Stored-XSS-Category-Name.md |
|---|
| 사용자 | Anonymous User |
|---|
| 제출 | 2026. 03. 25. AM 03:22 (18 날 ago) |
|---|
| 모더레이션 | 2026. 04. 08. PM 05:22 (15 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 353956 [SourceCodester Online Food Ordering System 1.0 Category Management Category Name 크로스 사이트 스크립팅] |
|---|
| 포인트들 | 0 |
|---|