Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_in_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-12-20T19:21:34.658Z
Updated: 2024-08-27T15:03:03.587Z
Reserved: 2023-11-24T16:25:53.193Z
Link: CVE-2023-49270
Vulnrichment
Updated: 2024-08-02T21:53:44.653Z
NVD
Status : Modified
Published: 2023-12-20T20:15:19.597
Modified: 2024-11-21T08:33:09.250
Link: CVE-2023-49270
Redhat
No data.