CVE-2023-43458

2023-09-2500:00:00

mitre

www.cve.org

cross site scripting

remote code execution

resort reservation system

cve-2023-43458

manage room

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

JSON

Cross Site Scripting (XSS) vulnerability in Resort Reservation System v.1.0 allows a remote attacker to execute arbitrary code and obtain sensitive information via the room, name, and description parameters in the manage_room function.

References

samh4cks.github.io/posts/cve-2023-43458/

www.sourcecodester.com/php/16447/resort-reservation-system-php-and-sqlite3-source-code-free-download.html