Arbitrary JavaScript Execution Vulnerability in Hotel Druid Application (Version 3.0.2)
CVE-2021-37833 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
A reflected cross-site scripting (XSS) vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands.
Learn more about our Web Application Penetration Testing UK.