Description
A vulnerability was found in SourceCodester Online Food Ordering System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Category List Handler. The manipulation of the argument Reason with the input "><script>prompt(1)</script> leads to cross-site scripting. The attack may be launched remotely. VDB-218186 is the identifier assigned to this vulnerability.
References (2)
Core References
https://vuldb.com/?id.218186 (Permissions Required, Third Party Advisory; vdb-entry, technical-description)
https://vuldb.com/?ctiid.218186 (Permissions Required, Third Party Advisory; signature)
Scores
CVSS v3: 2.4
EPSS: 0.0024
EPSS Percentile: 46.5%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N
Details
CWE: CWE-79
Status: published
Products (2):
online_food_ordering_system_project/online_food_ordering_system 2.0
oretnom23/online_food_ordering_system 2.0
Published: Jan 12, 2023
Tracked Since: Feb 18, 2026