DigitalDruid HotelDruid 3.0.2 has an XSS vulnerability in prenota.php affecting the fineperiodo1 parameter.
References
Link | Resource |
---|---|
https://www.hoteldruid.com | Product |
https://vitthals.github.io/writeups/CVEs/Hoteldruid%203.0.2%20XSS | Exploit Third Party Advisory |
Configurations
Information
Published : 2021-08-26 06:15
Updated : 2021-08-27 14:10
NVD link : CVE-2021-38559
Mitre link : CVE-2021-38559
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
digitaldruid
- hoteldruid