2 matches found
CVE-2020-18102
Cross Site Scripting XSS in HotelsServer v1.0 allows remote attackers to execute arbitrary code by injecting crafted commands the data fields in the component "/controller/publishHotel.php"...
CVE-2020-18102
Hotels_Server v1.0 contains a Cross Site Scripting (XSS) vulnerability allowing remote code execution by injecting crafted commands into data fields of the /controller/publishHotel.php component. The root cause is improper input handling in those fields. This is reported across NVD, Red Hat, PRIO...