CVE-2023-1418

Name of the Vulnerable Software and Affected Versions SourceCodester Friendly Island Pizza Website and Ordering System version 1.0

Description A problematic vulnerability was found in the file cashconfirm.php of the component POST Parameter Handler. The manipulation of the transactioncode argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling the cashconfirm.php file or restricting access to it until a patch is available. As a temporary workaround, avoid using the transactioncode argument in the affected POST Parameter Handler to minimize the risk of exploitation.