CVE-2023-29839

A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:digitaldruid:hotel_druid:3.0.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-05-03 03:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-29839

Mitre link : CVE-2023-29839

CVE.ORG link : CVE-2023-29839


JSON object : View

Products Affected

digitaldruid

  • hotel_druid
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')