PT-2025-29815 · Unknown · Ezihosting Tennis Court Bookings

Nguyen Xuan Chien

Published

2025-07-16

Updated

2025-07-16

CVE-2025-52787

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions EZiHosting Tennis Court Bookings versions through 1.2.7

Description The software contains a Reflected Cross-site Scripting (XSS) issue due to improper neutralization of input during web page generation. This allows an attacker to inject malicious scripts into web pages viewed by other users.

Recommendations Update EZiHosting Tennis Court Bookings to a version later than 1.2.7.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-52787

Affected Products

Ezihosting Tennis Court Bookings

PT-2025-29815 · Unknown · Ezihosting Tennis Court Bookings

CVE-2025-52787

Weakness Enumeration

Related Identifiers

Affected Products

References · 5