CVE-2025-3692

Name of the Vulnerable Software and Affected Versions SourceCodester Online Eyewear Shop version 1.0

Description A vulnerability was found in the software, affecting an unknown functionality of the file /oews/classes/Master.php?f=save product, leading to cross site scripting. The attack can be launched remotely.

Recommendations For version 1.0, consider restricting access to the /oews/classes/Master.php file to minimize the risk of exploitation. As a temporary workaround, avoid using the save product functionality in the Master.php file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.