CVE-2026-1598 | Bdtask Bhojon All-In-One Restaurant Management System up to 20260116 User Information /dashboard/home/profile fullname cross site scripting

A vulnerability identified as problematic has been detected in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file /dashboard/home/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting.

This vulnerability is cataloged as CVE-2026-1598. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-1598 | Bdtask Bhojon All-In-One Restaurant Management System up to 20260116 User Information /dashboard/home/profile fullname cross site scripting

Post correlati

CVE-2024-23808 | OpenHarmony up to 4.0.0 Pre-installed Apps out-of-bounds

CVE-2024-43319 | bPlugins Flash & HTML5 Video Plugin up to 2.5.31 on WordPress information disclosure

CVE-2025-9870 | Razer Synapse 3 RazerPhilipsHueUninstall Local Privilege Escalation

CVE-2024-12035 | Chimpstudio CS Framework Plugin up to 6.9 on WordPress wp-config.php cs_widget_file_delete path traversal