CVE-2020-35261

Name of the Vulnerable Software and Affected Versions sourcecodester Multi Restaurant Table Reservation System version 1.0

Description The issue is related to a Cross Site Scripting (XSS) vulnerability. It can be exploited via the "Restaurant Name" field in the "/dashboard/profile.php" API endpoint. This allows for potential malicious script injection. No information is provided about the estimated number of affected devices or real-world incidents.

Recommendations For sourcecodester Multi Restaurant Table Reservation System version 1.0, consider validating and sanitizing user input for the Restaurant Name field to prevent XSS attacks. As a temporary workaround, restrict access to the "/dashboard/profile.php" endpoint until a proper fix is applied.