Описание
Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself” section under the “My Profile” page, " (2) “Hotel Policy” field under the “Hotel Details” page, (3) “Pricing code” and “name” fields under the “Manage Tour” page, and (4) all the labels under the “Menu” section.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:bookingcore:booking_core:1.7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00185
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
больше 3 лет назад
Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself” section under the “My Profile” page, " (2) “Hotel Policy” field under the “Hotel Details” page, (3) “Pricing code” and “name” fields under the “Manage Tour” page, and (4) all the labels under the “Menu” section.
EPSS
Процентиль: 41%
0.00185
Низкий
5.4 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79