CVE-2025-48286 – ReDi Restaurant Reservation Cross-site Scripting

May 23, 2025

CVE ID : CVE-2025-48286

Published : May 23, 2025, 1:15 p.m. | 2 hours, 24 minutes ago

Description : Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in catkin ReDi Restaurant Reservation allows Reflected XSS. This issue affects ReDi Restaurant Reservation: from n/a through 24.1209.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-5107 – Fujian Kelixun SQL Injection Vulnerability

Next Article CVE-2025-48275 – Dastan800 Visual Header Missing Authorization Vulnerability

Highlights

CVE-2025-7627 – YiJiuSmile kkFileViewOfficeEdit Unrestricted File Upload Vulnerability

July 14, 2025

CVE ID : CVE-2025-7627

Published : July 14, 2025, 6:15 p.m. | 34 minutes ago

Description : A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to 5fbc57c48e8fe6c1b91e0e7995e2d59615f37abd and classified as critical. Affected by this issue is the function fileUpload of the file /fileUpload. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

The best AirTag alternative for Samsung users is currently 30% off

One of the biggest new features on the Google Pixel 10 is also one of the most overlooked

I tested these viral ‘crush-proof’ Bluetooth speakers, and they’re not your average portables

I compared the best smartwatches from Google and Apple – and there’s a clear winner

MongoDB Data Types

MongoDB Data Types

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Microsoft Teams updated with a feature you probably thought already existed — “Can you hear me?” is now a thing of the past

Xbox Game Pass gets Gears of War: Reloaded, Dragon Age: The Veilguard, and more — here’s what is coming through the rest of August

Resident Evil ‘9’ Requiem has some of the most incredible lighting I’ve seen in a game — and Capcom uses it as a weapon

CVE-2025-48286 – ReDi Restaurant Reservation Cross-site Scripting

Blue Locker ransomware hits critical infrastructure – is your organisation ready?

GeoServer Exploits, PolarEdge, and Gayfemboy Push Cybercrime Beyond Traditional Botnets

Add Paramount+, STARZ, and more to your Prime Video account for $0.99 a month – here’s how

CVE-2025-21475 – Apache Struts Memory Corruption Vulnerability

Microsoft Secures MSA Signing with Azure Confidential VMs Following Storm-0558 Breach

CVE-2025-6020 – Linux-PAM pam_namespace Path Traversal Privilege Escalation Vulnerability

CVE-2025-7627 – YiJiuSmile kkFileViewOfficeEdit Unrestricted File Upload Vulnerability

How to Connect to Hilton WiFi

Google Launches DBSC Open Beta in Chrome and Enhances Patch Transparency via Project Zero

Openbaar Ministerie koppelt digitale omgeving los van internet vanwege kwetsbaarheid

CVE-2025-48286 – ReDi Restaurant Reservation Cross-site Scripting

Related Posts