216.73.217.80

CVE-2025-13202

· Published 15/11/2025 17:15 · Modified 19/11/2025 13:19

Labels: CVE-2025-13202 2025-11-15CVE-2025-13202CWE-79[email protected]

Essential information

Published
15/11/2025 17:15
Modified
19/11/2025 13:19
Author
Creator
CVSS
5.1 MEDIUM (v3) 5.1 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A security flaw has been discovered in code-projects Simple Cafe Ordering System 1.0. This affects an unknown part of the file /add_to_cart. Performing manipulation of the argument product_name results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been released to the public and may be exploited.

NVD status

Status
Analyzed — CVE has had analysis completed and all data associations made.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
fabian / simple cafe ordering system cpe:2.3:a:fabian:simple_cafe_ordering_system:1.0:*:*:*:*:*:*:*

References