CVE-2022-1991

Name of the Vulnerable Software and Affected Versions Fast Food Ordering System version 1.0

Description A problematic issue has been discovered, affecting the Master.php file of the Master List. The manipulation of the Description argument with the input foo "><img src="" onerror="alert(document.cookie)"> leads to cross-site scripting. This issue can be exploited remotely, but authentication is required. Exploit details are publicly available.

Recommendations For Fast Food Ordering System version 1.0, consider disabling the Description argument in the Master.php file until a patch is available to prevent cross-site scripting attacks. Restrict access to the Master List to minimize the risk of exploitation. Avoid using the Description argument in the affected file until the issue is resolved.