CVE-2023-29839: GitHub - jichngan/CVE-2023-29839: Hotel Druid 3.0.4 Stored Cross Site Scripting Vulnerability
A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.
CVE-2023-29839 Hotel Druid 3.0.4 Stored Cross Site Scripting Vulnerability
CMS Link: https://www.hoteldruid.com/
Version Affected: 3.0.4
Severity & CVSS: TODO: Update when MITRE publishes CVE
A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages in Version 3.0.4 of the Hotel Druid application that allows for arbitrary execution of commands.
Vulnerable Fields: Surname, Name, Nickname in the “Document” function
Affected Links: /visualizza_contratto.php
Triggering the payload: Visit the Example document preview function
Remediation: Update to HotelDruid version 3.0.5
Steps to Reproduce:
Enter an XSS payload into a client’s name. This can be done during a room reservation or a brand new registration of a client. The payload used is <script>alert(document.domain)</script>
Navigate to “Clients” tab and select the client with the XSS payload by clicking on the “N” column
On this page, there are 2 ways to trigger the stored XSS payload. The first is by viewing the Example document in the top right-hand corner of the page
The second way to trigger the XSS payload is to navigate to the bottom of the page where you can modify the client’s data
Once again, select the Example document and click on “View”
There are also other methods to trigger the XSS payload, such as navigating to “Reservations” and modifying the client’s reservation
Scroll to the bottom of the page and once again select the Example document and click on “View”
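For defenders, the following added example (not part of the original repository and not HotelDruid code) audits stored client records for markup in the three fields named above and shows the same values rendered with HTML encoding applied at output time. The record layout, column names and document template are assumptions constructed for illustration.

```python
import html
import re

# Fields the advisory names as vulnerable in the "Document" function.
FIELDS = ("surname", "name", "nickname")

# Markup that has no place in a person's name: a tag opener, an inline
# event-handler attribute, or a script-scheme URL.
SUSPICIOUS = re.compile(r"<\s*[a-z/!]|\bon\w+\s*=|javascript\s*:", re.IGNORECASE)


def audit_clients(rows):
    """Return (client_id, field, value) for every stored value that looks like markup."""
    findings = []
    for row in rows:
        for field in FIELDS:
            value = row.get(field) or ""
            if SUSPICIOUS.search(value):
                findings.append((row["id"], field, value))
    return findings


def render_preview(template, row):
    """Fill a document template, HTML-encoding each client field at output time."""
    encoded = {f: html.escape(row.get(f) or "", quote=True) for f in FIELDS}
    return template.format(**encoded)


# Constructed sample data; the column names and template are assumptions,
# not HotelDruid's real schema or document format.
CLIENTS = [
    {"id": 1, "surname": "O'Brien", "name": "Siobhán", "nickname": ""},
    {"id": 2, "surname": "Rossi",
     "name": "<script>alert(document.domain)</script>", "nickname": "R&R"},
]
TEMPLATE = "<p>Guest: {name} {surname} ({nickname})</p>"

if __name__ == "__main__":
    for finding in audit_clients(CLIENTS):
        print("suspicious value:", finding)
    for client in CLIENTS:
        print(render_preview(TEMPLATE, client))
```

The audit is triage only: legitimate names such as O'Brien or R&R are not flagged, yet they still need encoding when written into HTML, which is why the encoding step is applied to every field regardless of the audit result.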