Home > Vulnerability Database > CVE-2023-29839

Mend.io Vulnerability Database

CVE-2023-29839

Date: May 2, 2023

A Stored Cross Site Scripting (XSS) vulnerability exists in multiple pages of Hotel Druid version 3.0.4, which allows arbitrary execution of commands. The vulnerable fields are Surname, Name, and Nickname in the Document function.

Language: PHP

Severity Score

5.4

Related Resources (4)

Url: https://github.com/jichngan/CVE-2023-29839

Url: https://security-tracker.debian.org/tracker/CVE-2023-29839

Url: https://nvd.nist.gov/vuln/detail/CVE-2023-29839

Url: https://www.mend.io/vulnerability-database/CVE-2023-29839

Severity Score

5.4

Weakness Type (CWE)

Cross-Site Scripting (XSS)

CWE-79

CVSS v3.1

Base Score:	5.4
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	REQUIRED
Scope (S):	CHANGED
Confidentiality (C):	LOW
Integrity (I):	LOW
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2023-29839

Date: May 2, 2023

Language: PHP

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?