0202H

**Name of the Vulnerable Software and Affected Versions** alokjaiswal Hotel-Management-services-using-MYSQL-and-php versions prior to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f **Description** A cross site scripting issue exists in alokjaiswal Hotel-Management-services-using-MYSQL-and-php. The issue is located in the `/usersub.php` file within the Request Pending Page component, affecting an unknown function. The attack can be initiated remotely. The exploit has been publicly disclosed. The product utilizes a rolling release model, and no specific version details for affected or updated releases are available. The vendor was contacted regarding this disclosure but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** alokjaiswal Hotel-Management-services-using-MYSQL-and-php versions up to 5f8b60a7aa6c06a5632de569d4e3f6a8cd82f76f **Description** A security issue exists in alokjaiswal Hotel-Management-services-using-MYSQL-and-php. The issue is related to cross site scripting, which can be triggered by manipulating the `item.name` argument in the `/dishsub.php` file. The attack can be launched remotely. The exploit has been made public. The product uses a rolling release model, so specific version details for fixes are unavailable. The vendor was contacted but did not respond. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.