Disclosure date: 10/24/19

    CVE-2019-18415
    CVE-2019-18416

    Restaurant Management System 1.0 is affected by a cross site scripting vulnerability that can be leveraged for session hijacking.  An attacker can exploit the XSS vulnerability, retrieve the session cookie from the administrator login, and take over the administrator account.  This vulnerability can be exploited with an authenticated and an unauthenticated account.


    Page 7 of 47

    © 2020 sevenlayers.com