Vulnerabilities > Resortdata > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-07 | CVE-2023-39422 | Unspecified vulnerability in Resortdata Internet Reservation Module Next Generation The /irmdata/api/ endpoints exposed by the IRM Next Generation booking engine authenticates requests using HMAC tokens. | 9.8 |
| 2023-09-07 | CVE-2023-39423 | Unspecified vulnerability in Resortdata Internet Reservation Module Next Generation 5.3.2.15 The RDPData.dll file exposes the /irmdata/api/common endpoint that handles session IDs, among other features. | 9.1 |