| 标题 | Sourcecodester Food Menu Manager 1.0 xss |
|---|
| 描述 | The 'name' and 'description' parameter in the /index.php file of Sourcecodester Food Menu Manager v1.0 is vulnerable to Stored Cross-Site Scripting (XSS). This vulnerability is a result of inadequate input validation and sanitization of user-provided data. An attacker could take advantage of this flaw by injecting malicious scripts into these parameters. Once stored on the server, these scripts may execute when other users access the affected user's profile. |
|---|
| 来源 | ⚠️ https://github.com/mysq13/CVE/issues/1 |
|---|
| 用户 | mysq (UID 84736) |
|---|
| 提交 | 2025-06-03 11時55分 (1 年前) |
|---|
| 管理 | 2025-06-04 13時17分 (1 day later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 311114 [SourceCodester Food Menu Manager 1.0 Add Menu /index.php name/description 跨网站脚本] |
|---|
| 积分 | 20 |
|---|