Multiple Cross Site Scripting (XSS) Vulnerabilities in Booking Core - Ultimate Booking System Booking Core 1.7.0

Multiple Cross Site Scripting (XSS) Vulnerabilities in Booking Core - Ultimate Booking System Booking Core 1.7.0

CVE-2020-25444 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself” section under the “My Profile” page, " (2) “Hotel Policy” field under the “Hotel Details” page, (3) “Pricing code” and “name” fields under the “Manage Tour” page, and (4) all the labels under the “Menu” section.

Learn more about our Web Application Penetration Testing UK.