CVE-2025-12300
BaseFortify
Publication date: 2025-10-27
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| fabian | simple_food_ordering_system | 1.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-12300 is a stored Cross-Site Scripting (XSS) vulnerability in version 1.0 of the Simple Food Ordering System, specifically in the /addcategory.php file. It occurs because the application does not properly sanitize or encode user input submitted via the 'cname' parameter. This input is stored on the server and later displayed to users without adequate neutralization, allowing attackers to inject malicious scripts that execute in the browsers of users who view the affected page. The vulnerability can be exploited remotely without authentication but requires user interaction, such as clicking a crafted link. The flaw allows attackers to execute arbitrary scripts in the context of the web application, leading to potential unauthorized actions and data compromise. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can have several serious impacts including unauthorized actions performed on behalf of authenticated users, theft of sensitive information, session hijacking, account takeover, phishing attacks, malware distribution, and defacement of the website. Because the malicious scripts are stored persistently on the server, every user who accesses the affected page may be exposed to these attacks. This can lead to loss of user trust, business disruption, and compromise of user data and sessions. [2, 3]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability can lead to regulatory compliance violations such as those under GDPR because it enables unauthorized access to sensitive user data and can result in data breaches. The exploitation of this XSS flaw may cause exposure of personal information, session hijacking, and unauthorized actions, all of which can violate data protection and privacy requirements mandated by regulations like GDPR and HIPAA. [3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability can be detected by identifying instances of the vulnerable file /addcategory.php in the Simple Food Ordering System version 1.0. One suggested method is using Google dorking with the query "inurl:addcategory.php" to find potentially vulnerable targets. Additionally, testing the "cname" parameter by injecting typical XSS payloads such as `<script>alert(1)</script>` and observing if the script executes can confirm the presence of the vulnerability. There are no specific network commands provided, but manual or automated web application scanning tools targeting the "cname" parameter in /addcategory.php can be used to detect the issue. [1, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include implementing context-aware output encoding when displaying user input, for example using PHP's htmlspecialchars function on the "cname" parameter output. Enforce strict Content Security Policy (CSP) headers with nonce- or hash-based inline script restrictions and trusted script sources. Validate inputs using whitelists for expected data types and lengths, rejecting suspicious patterns. Apply security headers such as X-Content-Type-Options: nosniff, X-Frame-Options: DENY, and X-XSS-Protection: 1; mode=block. Use modern web frameworks with built-in XSS protections and security-focused template engines. Additionally, consider replacing the affected product with an alternative solution as no known mitigations or countermeasures have been documented. Regular developer security training, automated security testing, and continuous monitoring with Web Application Firewalls (WAF) and security audits are also recommended. [1, 2, 3]
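The encoding, validation and CSP steps described above, sketched as an added example (not code from the Simple Food Ordering System or from the advisory). The helper names `validate_cname`, `e`, `render_category_list` and `csp_header`, the 50-character allowlist policy and the sample values are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: allowlist validation of a category name at write time.
// Assumed policy: letters, digits, spaces, & ' and -, 1 to 50 characters.
function validate_cname(string $raw): ?string
{
    $name = trim($raw);
    return preg_match('/^[\p{L}\p{N} &\'-]{1,50}$/u', $name) === 1 ? $name : null;
}

// Hypothetical helper: encode for HTML body and quoted-attribute contexts at read time.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Every stored name is encoded on output, so rows saved before the fix stay inert.
function render_category_list(array $names): string
{
    $html = "<ul>\n";
    foreach ($names as $name) {
        $html .= '  <li title="' . e($name) . '">' . e($name) . "</li>\n";
    }
    return $html . "</ul>\n";
}

// Nonce-based CSP: inline scripts without the per-response nonce are refused.
function csp_header(string $nonce): string
{
    return "Content-Security-Policy: default-src 'self'; "
         . "script-src 'self' 'nonce-{$nonce}'; object-src 'none'; base-uri 'none'";
}

// Constructed sample submissions for the cname parameter.
foreach (['Burgers', 'Fish & Chips', '<script>alert(1)</script>'] as $raw) {
    $verdict = validate_cname($raw) === null ? 'rejected' : 'accepted';
    echo var_export($raw, true), ' => ', $verdict, "\n";
}

// Constructed rows, one of them assumed to have been stored before validation existed.
$stored = ['Burgers', '<script>alert(1)</script>'];
$nonce  = base64_encode(random_bytes(16));
if (PHP_SAPI !== 'cli') {
    header(csp_header($nonce)); // only meaningful when served over HTTP
}
echo render_category_list($stored);
```

Validation at write time narrows what can be stored, but the output encoding in `e()` is the control that neutralizes values already in the database, so it has to be applied at every place a category name is rendered.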