CVE-2023-49269

CVSS V2 None CVSS V3 None
Description
Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.
Overview
  • CVE ID
  • CVE-2023-49269
  • Assigner
  • Fluid Attacks
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-12-20T17:41:53.093Z
  • Last Modified Date
  • 2023-12-20T17:41:53.093Z
References
Reference URL Reference Tags
https://fluidattacks.com/advisories/lang/ third-party-advisory
https://www.kashipara.com/ product
History
Created Old Value New Value Data Type Notes
2024-06-25 13:02:14 Added to TrackCVE