CVE-2025-6131

Name of the Vulnerable Software and Affected Versions CodeAstro Food Ordering System version 1.0

Description A cross-site scripting (XSS) vulnerability exists due to the manipulation of the Restaurant Name/Address argument within a POST request parameter handler. This affects an unknown function in the /admin/store/edit/ file. The vulnerability allows for remote attacks. The exploit for this issue has been publicly disclosed.

Recommendations CodeAstro Food Ordering System version 1.0: At the moment, there is no information about a newer version that contains a fix for this vulnerability.