PT-2025-41578 · Code Projects · Simple Online Hotel Reservation System
Chen1-Boop
·
Published
2025-10-10
·
Updated
2025-10-11
·
CVE-2025-60308
CVSS v3.1
4.1
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
code-projects Simple Online Hotel Reservation System version 1.0
Description
The Simple Online Hotel Reservation System contains a Cross Site Scripting (XSS) issue within the Add Room function. Specifically, entering malicious JavaScript code into the Description field can lead to the leakage of administrator cookie information when viewing room details. The vulnerable function is
Add Room.Recommendations
Sanitize user input in the Description field of the Add Room function to prevent the injection of malicious JavaScript code.
Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Simple Online Hotel Reservation System