2 matches found
CVE-2023-43376
A cross-site scripting XSS vulnerability in /hoteldruid/clienti.php of Hoteldruid v3.0.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the nometipotariffa1 parameter...
CVE-2023-43376
CVE-2023-43376 describes a cross-site scripting (XSS) vulnerability in Hoteldruid v3.0.5, exploitable via the nometipotariffa1 parameter on the /hoteldruid/clienti.php endpoint. The issue allows attackers to run arbitrary web scripts or HTML in victims’ browsers. Official records report a CVSS v3...