Code-Projects Simple Cafe Ordering System Cross-Site Scripting Vulnerability
Vulnerability
A reflected cross-site scripting vulnerability has been identified in Code-Projects Simple Cafe Ordering System version 1.0. The issue arises in the '/add_to_cart' file, where the 'product_name' argument can be manipulated to inject malicious scripts. This vulnerability can be exploited remotely, and a public exploit is available.
Impact
Exploitation of this vulnerability allows for the execution of arbitrary JavaScript in the context of another user's browser. This could lead to session hijacking, unauthorized actions on behalf of the user, or phishing attacks.
Reproduction
To reproduce this vulnerability, log in as a regular user and send a POST request to the '/add_to_cart' endpoint. Include a manipulated 'product_name' value that contains a script tag, such as a JavaScript alert. Once the request is processed, access the page where the input is rendered, such as the shopping cart or product detail page. The injected script will execute when another user views the page.
Remediation
It is recommended to encode user-controlled input with functions like 'htmlspecialchars()' before rendering it on the page. Implement input validation to restrict allowed characters and patterns, particularly in critical fields such as product names. Applying a strict Content Security Policy can also help prevent the execution of unauthorized scripts. Ensure that dynamic content is always sanitized before display, and set proper HTTP headers to enhance security.
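The three measures above can be combined as in the following added example, which is not code from the project or from this advisory. It assumes the application is written in PHP, as the 'htmlspecialchars()' recommendation suggests; the function names, the allowed character set, the length limit and the policy string are all assumptions.

```php
<?php
declare(strict_types=1);

// Added example; function names are hypothetical, not taken from the project.

// Allow-list check for product names: letters, digits, spaces and a small
// punctuation set, 1 to 64 characters (the limits are assumptions).
function is_valid_product_name(string $name): bool
{
    return preg_match('/\A[\p{L}\p{N} .,&()\'-]{1,64}\z/u', $name) === 1;
}

// Encode a value for HTML element content or a quoted attribute value.
function html_encode(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Build one cart row; the name is encoded at the point of output, so a value
// stored before validation existed is still rendered as inert text.
function render_cart_row(string $productName, int $quantity): string
{
    return '<tr><td>' . html_encode($productName) . '</td><td>' . $quantity . "</td></tr>\n";
}

// Headers that back up the encoding (this policy is an assumed starting point).
function send_security_headers(): void
{
    header("Content-Security-Policy: default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'");
    header('X-Content-Type-Options: nosniff');
}

if (PHP_SAPI !== 'cli') {
    send_security_headers();
}

// Constructed sample values standing in for the 'product_name' POST field.
$samples = ['Iced Latte', "Baker's Choice (large)", '<script>alert(1)</script>'];

foreach ($samples as $name) {
    if (!is_valid_product_name($name)) {
        // A real handler would refuse the request here; the row is still
        // rendered below only to show that encoding alone neutralises it.
        echo '<!-- rejected by validation -->';
    }
    echo render_cart_row($name, 1);
}
```

Validation and encoding are kept separate on purpose: the apostrophe and ampersand pass validation as legitimate product-name characters, and only the output encoding makes them safe in HTML.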
