PT-2023-30339 · Unknown+1 · Hoteldruid+1
Tomoro Taniguchi
·
Publicado
2023-11-10
·
Atualizado
2023-11-16
·
CVE-2023-47164
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
HOTELDRUID versions 3.0.5 and earlier
Description
A cross-site scripting issue allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product. This enables the attacker to perform actions as the victim user.
Recommendations
For HOTELDRUID versions 3.0.5 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Debian
Hoteldruid