Getshell

**Name of the Vulnerable Software and Affected Versions** SourceCodester Multi Language Hotel Management Software version 1.0 **Description** A problematic issue has been found in the software, affecting the file ajax.php of the component POST Parameter Handler. The manipulation of the `complaint type` argument with the input `<script>alert(document.cookie)</script>` leads to cross-site scripting. The attack can be initiated remotely. **Recommendations** For SourceCodester Multi Language Hotel Management Software version 1.0, as a temporary workaround, consider restricting the input for the `complaint type` argument in the ajax.php file to minimize the risk of cross-site scripting exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.