Suganya26392

**Name of the Vulnerable Software and Affected Versions** waimai Super Cms version 20150505 **Description** The issue is related to an XSS vulnerability. It can be exploited via the "/admin.php/Foodcat/addsave" API endpoint, specifically through the `fcname` parameter. **Recommendations** For waimai Super Cms version 20150505, avoid using the `fcname` parameter in the "/admin.php/Foodcat/addsave" API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to this endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Waimai Super Cms version 20150505 **Description** A security issue exists due to the presence of a cross-site scripting (XSS) flaw. This issue can be exploited via the `fname` parameter in the `admin.php?m=Food&a=addsave` or `admin.php?m=Food&a=editsave` API endpoints. **Recommendations** For Waimai Super Cms version 20150505, avoid using the `fname` parameter in the affected API endpoints until the issue is resolved. As a temporary workaround, consider restricting access to the `admin.php?m=Food&a=addsave` and `admin.php?m=Food&a=editsave` endpoints to minimize the risk of exploitation.