Dream123

**Name of the Vulnerable Software and Affected Versions** jairiidriss RestaurantWebsite versions prior to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654 **Description** A flaw exists in jairiidriss RestaurantWebsite, specifically within the Make a Reservation component. Manipulation of the `selected date` argument can lead to cross site scripting. This issue can be exploited remotely. The exploit has been publicly disclosed. The product uses continuous delivery with rolling releases, and no specific version details for affected or updated releases are available. The vendor was notified of the issue but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** winston-dsouza Ecommerce-Website versions up to 87734c043269baac0b4cfe9664784462138b1b2e **Description** A weakness exists in winston-dsouza Ecommerce-Website. The issue affects some unknown functionality within the `/includes/header menu.php` file, specifically the GET Parameter Handler component. Manipulation of the `Error` parameter can lead to cross site scripting. The attack can be executed remotely. The exploit has been made publicly available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.