A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.
References
Link | Resource |
---|---|
https://github.com/jichngan/CVE-2023-29839 | Exploit |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-05-03T00:00:00
Updated: 2023-05-03T00:00:00
Reserved: 2023-04-07T00:00:00
Link: CVE-2023-29839
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-05-03T03:15:08.137
Modified: 2023-05-09T17:08:54.440
Link: CVE-2023-29839
JSON object: View
Redhat Information
No data.
CWE