CVE-2018-8737
Bookme Control Panel 2.0 Application is vulnerable to stored XSS in the Customers “Book Me” function. The vulnerability stems from unsanitized input in the Name and Note fields (custName and custNote) being rendered as JavaScript in the user’s browser. The CVE/NVD entries confirm the affected pro...