Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'check_out_date' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-12-20T19:24:15.907Z
Updated: 2024-09-13T15:03:11.548Z
Reserved: 2023-11-24T16:25:53.193Z
Link: CVE-2023-49271
Vulnrichment
Updated: 2024-08-02T21:53:45.462Z
NVD
Status : Modified
Published: 2023-12-20T20:15:19.800
Modified: 2024-11-21T08:33:09.403
Link: CVE-2023-49271
Redhat
No data.