CVE-2024-0504

Name of the Vulnerable Software and Affected Versions code-projects Simple Online Hotel Reservation System version 1.0

Description A vulnerability has been found in the code-projects Simple Online Hotel Reservation System, affecting the file add reserve.php of the Make a Reservation Page component. The issue arises from the manipulation of the Firstname and Lastname arguments with malicious input, such as <script>alert(1)</script>, leading to cross-site scripting. This attack can be initiated remotely.

Recommendations For code-projects Simple Online Hotel Reservation System version 1.0, consider disabling the add reserve.php file or restricting access to it until a patch is available. Additionally, avoid using the Firstname and Lastname arguments in the affected component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.