Lucene search
China National Vulnerability DatabaseCNVD-2023-67066HistoryAug 19, 2023 - 12:00 a.m.
Online Travel Agency System Cross-Site Scripting Vulnerability
2023-08-1900:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
travel agency
cross-site scripting
vulnerability
insert parameter
web script
html
exploit
filtering
escaping
arbitrary execution
EPSS
0.001
Percentile
31.4%
Online Travel Agency System is an online travel agency system. Online Travel Agency System v1.0 version of a cross-site scripting vulnerability, the vulnerability stems from the insert.php parameter description of the user-supplied data lack of effective filtering and escaping, an attacker can exploit this vulnerability by injecting a well-designed payload to execute arbitrary Web script or HTML.
Related
cve
cve
CVE-2023-31942
2023-08-17 20:15:09
nvd
nvd
CVE-2023-31942
2023-08-17 20:15:09
prion
prion
Cross site scripting
2023-08-17 20:15:00
cvelist
cvelist
CVE-2023-31942
2023-08-17 00:00:00