Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'children' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: Fluid Attacks
Published: 2023-12-20T19:25:08.511Z
Updated: 2024-08-02T21:53:44.990Z
Reserved: 2023-11-24T16:25:53.193Z
Link: CVE-2023-49272
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-20T20:15:20.010
Modified: 2024-11-21T08:33:09.540
Link: CVE-2023-49272
Redhat
No data.