
CVE-2025-10827: Cross Site Scripting in PHPJabbers Restaurant Menu Maker

Severity: Medium
Published: Tue Sep 23 2025 (09/23/2025, 00:32:09 UTC)
Source: CVE Database V5
Vendor/Project: PHPJabbers
Product: Restaurant Menu Maker

Description

A weakness has been identified in PHPJabbers Restaurant Menu Maker up to version 1.1. Affected by this issue is some unknown functionality of the file /preview.php. Manipulation of the argument theme causes cross-site scripting. The attack may be initiated remotely. The exploit has been made available to the public and could be exploited.

AI-Powered Analysis

Last updated: 09/23/2025, 01:04:14 UTC

Technical Analysis

CVE-2025-10827 is a cross-site scripting (XSS) vulnerability identified in PHPJabbers Restaurant Menu Maker versions up to 1.1. The vulnerability resides in the /preview.php file, specifically in the handling of the 'theme' parameter. An attacker can manipulate this parameter to inject malicious scripts that execute in the context of the victim's browser. The vulnerability is exploitable remotely without authentication, but user interaction is required to trigger the payload (e.g., visiting a crafted URL). The CVSS 4.0 base score of 5.3 reflects a medium severity, indicating moderate impact and ease of exploitation. The vulnerability affects confidentiality minimally, as it does not directly expose sensitive data, but it can impact integrity and availability by enabling script injection that could hijack user sessions, deface content, or redirect users to malicious sites. The scope is limited to the web application and its users, with no privilege escalation or system-level compromise indicated. No patches or fixes have been linked yet, and no exploitation in the wild has been reported, though exploit code is publicly available, which increases the risk of opportunistic attacks.

Potential Impact

For European organizations using PHPJabbers Restaurant Menu Maker, this XSS vulnerability poses a risk primarily to the integrity and trustworthiness of their web presence. Attackers could exploit this flaw to execute malicious scripts in the browsers of customers or staff interacting with the restaurant menu interface, potentially leading to session hijacking, phishing, or distribution of malware. This could damage brand reputation, lead to loss of customer trust, and potentially result in regulatory scrutiny under GDPR if personal data is compromised through subsequent attacks. The impact is more pronounced for organizations with high web traffic or those relying heavily on online ordering and customer interaction through the affected software. Additionally, compromised websites could be used as vectors for broader attacks against European users, amplifying the threat landscape.

Mitigation Recommendations

Organizations should immediately review their use of PHPJabbers Restaurant Menu Maker and identify if versions 1.0 or 1.1 are deployed. Until an official patch is released, practical mitigations include implementing web application firewall (WAF) rules to detect and block suspicious input patterns targeting the 'theme' parameter in /preview.php. Input validation and output encoding should be enforced at the application level to sanitize user-supplied data. If possible, disable or restrict access to the /preview.php endpoint or the vulnerable parameter. Monitoring web server logs for unusual or repeated requests to this endpoint can help detect exploitation attempts. Organizations should also educate users about the risks of clicking on suspicious links and consider deploying Content Security Policy (CSP) headers to limit the impact of injected scripts. Finally, maintain vigilance for vendor updates or patches and apply them promptly once available.
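The log-monitoring recommendation above can be made concrete with an allowlist check rather than a signature: a legitimate theme name is a short slug, so any request to /preview.php whose 'theme' value (after percent-decoding, including double encoding) is not a slug is worth flagging. The following is an added example written for this advisory, not code from PHPJabbers or the CVE record; the access-log lines and the slug rule are constructed assumptions.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (Common Log Format); not taken from the advisory.
SAMPLE_LOG = """\
203.0.113.10 - - [23/Sep/2025:00:40:01 +0000] "GET /preview.php?theme=default HTTP/1.1" 200 4211
203.0.113.11 - - [23/Sep/2025:00:40:07 +0000] "GET /menu/preview.php?theme=dark HTTP/1.1" 200 4198
198.51.100.7 - - [23/Sep/2025:00:41:19 +0000] "GET /preview.php?theme=%22%3E%3Cimg%20x%3E HTTP/1.1" 200 4260
198.51.100.7 - - [23/Sep/2025:00:41:25 +0000] "GET /preview.php?theme=dark&theme=%253Cb%253E HTTP/1.1" 200 4260
203.0.113.12 - - [23/Sep/2025:00:42:02 +0000] "GET /index.php?theme=%3Cb%3E HTTP/1.1" 200 9000
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Assumed allowlist for a theme name: a short slug. Anything else is not a legitimate theme.
THEME_OK = re.compile(r"^[A-Za-z0-9_-]{1,32}$")


def fully_decode(value, max_rounds=3):
    """Undo repeated percent-encoding (bounded) so double-encoded values are not missed."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def bad_theme_values(target):
    """Return the 'theme' values in a request target that fall outside the allowlist."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/preview.php"):  # only the affected endpoint
        return []
    values = parse_qs(parts.query, keep_blank_values=True).get("theme", [])
    return [v for v in map(fully_decode, values) if not THEME_OK.match(v)]


def scan_log(text):
    """Return one finding per log line whose /preview.php request has a non-slug theme value."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        bad = bad_theme_values(m.group("target"))
        if bad:
            findings.append({"ip": m.group("ip"), "ts": m.group("ts"), "theme": bad})
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

The same slug allowlist applied server-side to the 'theme' parameter before it is used is the application-level validation the recommendations call for; the log scan only detects attempts.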


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-09-21T16:14:24.255Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68d1ee8defb46fd030578117

Added to database: 9/23/2025, 12:49:17 AM

Last enriched: 9/23/2025, 1:04:14 AM

Last updated: 9/24/2025, 10:01:20 PM
