{"id":75942,"date":"2026-01-29T21:46:10","date_gmt":"2026-01-29T18:16:10","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2026-1598-bdtask-bhojon-all-in-one-restaurant-management-system-user-information-profile-cross-site-scripting\/"},"modified":"2026-01-29T21:46:10","modified_gmt":"2026-01-29T18:16:10","slug":"cve-2026-1598-bdtask-bhojon-all-in-one-restaurant-management-system-user-information-profile-cross-site-scripting","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2026-1598-bdtask-bhojon-all-in-one-restaurant-management-system-user-information-profile-cross-site-scripting\/","title":{"rendered":"CVE-2026-1598 &#8211; Bdtask Bhojon All-In-One Restaurant Management System User Information profile cross site scripting"},"content":{"rendered":"<p>CVE ID : CVE-2026-1598<\/p>\n<p>Published :  Jan. 29, 2026, 6:16 p.m. | 53\u00a0minutes ago<\/p>\n<p>Description : A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file \/dashboard\/home\/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.<\/p>\n<p>Severity: 5.1 | MEDIUM<\/p>\n<p>Visit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2026-1598 Published : Jan. 29, 2026, 6:16 p.m. | 53\u00a0minutes ago Description : A vulnerability was found in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. Impacted is an unknown function of the file \/dashboard\/home\/profile of the component User Information Module. Performing a manipulation of the argument fullname results in cross &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-75942","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/75942","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=75942"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/75942\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=75942"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=75942"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=75942"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}