Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: Fluid Attacks

Published: 2023-12-20T19:25:08.511Z

Updated: 2024-08-02T21:53:44.990Z

Reserved: 2023-11-24T16:25:53.193Z

Link: CVE-2023-49272

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-12-20T20:15:20.010

Modified: 2024-11-21T08:33:09.540

Link: CVE-2023-49272

cve-icon Redhat

No data.