Cross-Site Scripting (XSS) Vulnerability in SourceCodester Hotel Management System 2.0

Cross-Site Scripting (XSS) Vulnerability in SourceCodester Hotel Management System 2.0

CVE-2022-2291 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

A vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input "><script>alert("XSS")</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Learn more about our Web Application Penetration Testing UK.