Vulnerabilities > Digitaldruid > Hoteldruid > 3.0.4

DATE CVE VULNERABILITY TITLE RISK
2023-11-10 CVE-2023-47164 Cross-site Scripting vulnerability in Digitaldruid Hoteldruid
Cross-site scripting vulnerability in HOTELDRUID 3.0.5 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.
network
low complexity
digitaldruid CWE-79
6.1
6.1
2023-05-03 CVE-2023-29839 Cross-site Scripting vulnerability in Digitaldruid Hoteldruid 3.0.4
A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands.
network
low complexity
digitaldruid CWE-79
5.4
5.4