CVE-2024-0423: XSS
First published: Thu Jan 11 2024(Updated: )
A vulnerability was found in CodeAstro Online Food Ordering System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file dishes.php. The manipulation of the argument res_id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250442 is the identifier assigned to this vulnerability.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Online Food Ordering System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-0423?
CVE-2024-0423 has been rated as problematic.
What functionality is affected by CVE-2024-0423?
The vulnerability affects the unknown functionality of the file dishes.php.
What type of vulnerability is CVE-2024-0423?
CVE-2024-0423 is a cross site scripting vulnerability.
Can CVE-2024-0423 be exploited remotely?
Yes, the exploitation of CVE-2024-0423 can be launched remotely.
How do I fix CVE-2024-0423?
Patching the code handling the res_id argument in dishes.php is recommended to mitigate CVE-2024-0423.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/author
- agent/description
- agent/severity
- agent/softwarecombine
- collector/epss-latest
- source/FIRST
- agent/epss
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/codeastro
- canonical/online food ordering system
- version/online food ordering system/1.0