A cross-site scripting (XSS) vulnerability in /hoteldruid/visualizza_contratto.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the destinatario_email1 parameter.
Metrics
Affected Vendors & Products
References
History
Tue, 24 Sep 2024 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-79 | |
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-09-20T00:00:00
Updated: 2024-09-24T17:49:47.785Z
Reserved: 2023-09-18T00:00:00
Link: CVE-2023-43377
Vulnrichment
Updated: 2024-08-02T19:37:23.720Z
NVD
Status : Modified
Published: 2023-09-20T19:15:12.723
Modified: 2024-11-21T08:24:05.147
Link: CVE-2023-43377
Redhat
No data.