jichngan

1 exploit Active since May 2023
CVE-2023-29839 NOMISEC MEDIUM WRITEUP
HotelDruid 3.0.4 - Stored Cross-Site Scripting via Document Surname Name or Nickname Fields
A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.
1 stars
CVSS 5.4