Vulnerability Description
Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item.
CVSS Score
6.1
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Online Pizza Ordering System Project | Online Pizza Ordering System | 1.0 |
Related Weaknesses (CWE)
References
- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Pizza%Third Party Advisory
- https://www.chtsecurity.com/news/57fd2fe6-11d9-421d-9087-88b4d5090452
- https://www.chtsecurity.com/news/c27389f3-a70b-4a71-952a-49f273d1db90
- https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Pizza%Third Party Advisory
- https://www.chtsecurity.com/news/57fd2fe6-11d9-421d-9087-88b4d5090452
- https://www.chtsecurity.com/news/c27389f3-a70b-4a71-952a-49f273d1db90
FAQ
What is CVE-2023-37150?
CVE-2023-37150 is a vulnerability with a CVSS score of 6.1 (MEDIUM). Sourcecodester Online Pizza Ordering System v1.0 has a Cross-site scripting (XSS) vulnerability in "/admin/index.php?page=categories" Category item.
How severe is CVE-2023-37150?
CVE-2023-37150 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-37150?
Check the references section above for vendor advisories and patch information. Affected products include: Online Pizza Ordering System Project Online Pizza Ordering System.