PT-2025-30086 · Hotelmis · Hotelmis

Dev03303

·

Publicado

2025-07-18

·

Atualizado

2025-07-19

·

CVE-2025-7800

CVSS v2.0

4.0

Média

VetorAV:N/AC:L/Au:S/C:N/I:P/A:N
Name of the Vulnerable Software and Affected Versions cgpandey hotelmis versions prior to c572198e6c4780fccc63b1d3e8f3f72f825fc94e
Description A problematic issue exists in the admin.php file's HTTP GET Request Handler component. Manipulation of the Search argument can lead to cross-site scripting. The attack can be initiated remotely. The product uses a rolling release model, and no specific version details for affected or updated releases are available.
Recommendations Update to version c572198e6c4780fccc63b1d3e8f3f72f825fc94e or later.

Correção

Code Injection

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-94CWE-79

Identificadores relacionados

CVE-2025-7800

Produtos afetados

Hotelmis