Description


A Stored Cross Site Scripting (XSS) vulnerability was found in "/core/signup_user.php" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the "user_email" parameter.

Related CPE's


Could not find any relations

Weaknesses



CWE-79

CVSS impact metrics


CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

4.7 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Received

Published

2024-08-22T16:15:09.640

3 weeks ago

Last modified

2024-08-22T16:35:07.240

3 weeks ago