PT-2023-19468 · Unknown · Online Food Ordering System

Published: 2023-02-06 · Updated: 2023-02-10 · CVE-2023-24192

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Online Food Ordering System version v2

Description

The issue is a cross-site scripting (XSS) vulnerability in the "redirect" parameter of the "login.php" file, through which it can be exploited. Cross-site scripting (XSS) is a type of security vulnerability that allows an attacker to inject malicious scripts into a website, potentially allowing them to steal user data or take control of the user's session. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations

For Online Food Ordering System version v2, consider disabling the redirect parameter in the login.php file until a patch is available. Restrict access to the login.php file to minimize the risk of exploitation. Avoid using the redirect parameter in the login.php file until the issue is resolved.

Exploit

Fix

XSS

Weakness Enumeration

Related Identifiers

CVE-2023-24192

Affected Products

Online Food Ordering System