CVE-2023-29839

A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.
Configurations

Configuration 1 (hide)

cpe:2.3:a:digitaldruid:hotel_druid:3.0.4:*:*:*:*:*:*:*

History

21 Nov 2024, 07:57

Type Values Removed Values Added
References () https://github.com/jichngan/CVE-2023-29839 - Exploit () https://github.com/jichngan/CVE-2023-29839 - Exploit

Information

Published : 2023-05-03 03:15

Updated : 2024-11-21 07:57


NVD link : CVE-2023-29839

Mitre link : CVE-2023-29839

CVE.ORG link : CVE-2023-29839


JSON object : View

Products Affected

digitaldruid

  • hotel_druid
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')