CVE-2025-67922

Name of the Vulnerable Software and Affected Versions ThemeGoods Grand Restaurant versions prior to 7.0.9

Description The software contains a flaw due to improper neutralization of input during web page generation, leading to a Reflected Cross-site Scripting (XSS) condition. This allows an attacker to inject malicious scripts into web pages viewed by other users. The vulnerability exists because the application does not properly sanitize user-supplied data before including it in the generated web page. This could allow an attacker to execute arbitrary JavaScript code in the context of the user's browser.

Recommendations Update ThemeGoods Grand Restaurant to version 7.0.9 or later.