CVE-2025-5628

Name of the Vulnerable Software and Affected Versions SourceCodester Food Menu Manager version 1.0

Description A problematic issue has been found in the software, affecting some unknown functionality of the file /index.php of the component Add Menu Handler. The manipulation of the name/description argument leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Recommendations For version 1.0, consider disabling the Add Menu Handler component until a patch is available to prevent cross-site scripting attacks. Restrict access to the /index.php file to minimize the risk of exploitation. Avoid using the name/description argument in the affected component until the issue is resolved.