CVE-2022-4253

LOW

Canteen Management System - XSS

Title source: rule

Description

A vulnerability was found in SourceCodester Canteen Management System. It has been declared as problematic. This vulnerability affects the function builtin_echo of the file customer.php. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-214630 is the identifier assigned to this vulnerability.

References (2)

[Exploit, Third Party Advisory] https://blog.csdn.net/weixin_43864034/article/details/128127516

[Third Party Advisory] https://vuldb.com/?id.214630

Scores

CVSS v3 3.5

EPSS 0.0021

EPSS Percentile 43.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-707

Status published

Products (1)

canteen_management_system_project/canteen_management_system

Published Dec 01, 2022

Tracked Since Feb 18, 2026