CVE Details
Basic Information
| Title | CVE-2025-48286 |
|---|---|
| Type | cve |
| Published | 2025-05-23T13:15:44 |
| Last Seen | 2025-05-23T13:56:07 |
CVSS Information
| Base Score | 7.1 (HIGH) |
|---|---|
| Attack Vector | NETWORK |
| Attack Complexity | LOW |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | LOW |
| Integrity Impact | LOW |
| Availability Impact | LOW |
AI Analysis
| AI Description | A reflected cross-site scripting (XSS) vulnerability in catkin ReDi Restaurant Reservation allows attackers to inject malicious scripts into web pages viewed by users. The vulnerability is due to improper neutralization of user input during web page generation. This could allow an attacker to execute arbitrary scripts in the context of the victim’s browser, potentially leading to session hijacking or other malicious activities. |
|---|---|
| AI Severity | High |
| Vendor | catkin |
| Product | ReDi Restaurant Reservation |
| Affected Version |
Additional Information
| CVE List | CVE-2025-48286 |
|---|---|
| CWE List | CWE-79 |
| Bulletin Family | cve |
Description
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in catkin ReDi Restaurant Reservation allows Reflected XSS. This issue affects ReDi Restaurant Reservation:…
CVSS Score Summary
Base Score: %!f(string=#) (HIGH)