Vitthals

**Name of the Vulnerable Software and Affected Versions** DigitalDruid HotelDruid version 3.0.2 **Description** The issue is related to an XSS vulnerability in the prenota.php file, specifically affecting the `fineperiodo1` parameter. This allows for potential exploitation. No information is provided about the estimated number of affected devices or real-world incidents. **Recommendations** For DigitalDruid HotelDruid version 3.0.2, consider restricting access to the prenota.php file or the `fineperiodo1` parameter to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.