Lucene search

VulDBCVE-2022-2686

HistoryAug 06, 2022 - 7:15 a.m.

CVE-2022-2686

2022-08-0607:15:07

CWE-79

VulDB

web.nvd.nist.gov

cve-2022-2686

vulnerability

oretnom23

fast food ordering system

remote attack

cross site scripting

CVSS3

5.4

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

AI Score

5.2

Confidence

High

EPSS

0.001

Percentile

21.4%

JSON

A vulnerability, which was classified as problematic, was found in oretnom23 Fast Food Ordering System. This affects an unknown part of the component Menu List Page. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205725 was assigned to this vulnerability.

Affected configurations

Nvd

Node

fast_food_ordering_system_projectfast_food_ordering_systemMatch-

VendorProductVersionCPE
fast_food_ordering_system_projectfast_food_ordering_system-cpe:2.3:a:fast_food_ordering_system_project:fast_food_ordering_system:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fast_food_ordering_system_project	fast_food_ordering_system	-	cpe:2.3:a:fast_food_ordering_system_project:fast_food_ordering_system:-:::::::*

CNA Affected

[
  {
    "product": "Fast Food Ordering System",
    "vendor": "oretnom23",
    "versions": [
      {
        "status": "affected",
        "version": "n/a"
      }
    ]
  }
]

References

github.com/L1917/Fast-Food-Ordering-System/blob/main/Fast-Food-Ordering-System.md

vuldb.com/?id.205725

Social References