Vulnerability-Lookup

CNVD-2023-101091

Vulnerability from cnvd - Published: 2023-12-27

Title

Hotel Management System adults参数跨站脚本漏洞

Description

Hotel Management System是一个基于酒店管理系统的MIS项目。 Hotel Management System v1.0存在跨站脚本漏洞，该漏洞源于servation.php中的adults参数以纯文本形式复制到HTML文档中的tags之间，任何输入都会在应用程序的响应中未经修改地回显。攻击者可利用该漏洞通过注入精心设计的有效载荷执行任意Web脚本或HTML。

Severity

中

Formal description

厂商尚未提供漏洞修复方案，请关注厂商主页更新： https://nvd.nist.gov/vuln/detail/CVE-2023-49269

Reference

https://www.kashipara.com/

Impacted products

Name
Hotel Management System Hotel Management System v1.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-49269",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-49269"
    }
  },
  "description": "Hotel Management System\u662f\u4e00\u4e2a\u57fa\u4e8e\u9152\u5e97\u7ba1\u7406\u7cfb\u7edf\u7684MIS\u9879\u76ee\u3002\n\nHotel Management System v1.0\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eservation.php\u4e2d\u7684adults\u53c2\u6570\u4ee5\u7eaf\u6587\u672c\u5f62\u5f0f\u590d\u5236\u5230HTML\u6587\u6863\u4e2d\u7684tags\u4e4b\u95f4\uff0c\u4efb\u4f55\u8f93\u5165\u90fd\u4f1a\u5728\u5e94\u7528\u7a0b\u5e8f\u7684\u54cd\u5e94\u4e2d\u672a\u7ecf\u4fee\u6539\u5730\u56de\u663e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u6ce8\u5165\u7cbe\u5fc3\u8bbe\u8ba1\u7684\u6709\u6548\u8f7d\u8377\u6267\u884c\u4efb\u610fWeb\u811a\u672c\u6216HTML\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u590d\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u66f4\u65b0\uff1a\r\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-49269",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2023-101091",
  "openTime": "2023-12-27",
  "products": {
    "product": "Hotel Management System Hotel Management System v1.0"
  },
  "referenceLink": "https://www.kashipara.com/",
  "serverity": "\u4e2d",
  "submitTime": "2023-12-22",
  "title": "Hotel Management System adults\u53c2\u6570\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

CVE-2023-49269 (GCVE-0-2023-49269)

Vulnerability from cvelistv5 – Published: 2023-12-20 17:41 – Updated: 2025-05-19 14:46

Title

Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS)

Summary

Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed unmodified in the application's response.

Severity ?

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

Fluid Attacks

References

URL

Tags

	https://fluidattacks.com/advisories/lang/	third-party-advisory
	https://www.kashipara.com/	product

Impacted products

	Vendor	Product	Version
	Kashipara Group	Hotel Management	Affected: 1.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T21:53:45.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "https://fluidattacks.com/advisories/lang/"
          },
          {
            "tags": [
              "product",
              "x_transferred"
            ],
            "url": "https://www.kashipara.com/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Hotel Management",
          "vendor": "Kashipara Group",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        }
      ],
      "datePublic": "2023-12-06T17:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eHotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The \u0027adults\u0027 parameter of the reservation.php resource\u0026nbsp;is copied into the HTML document as plain text\u0026nbsp;between tags. Any input is echoed unmodified in the\u0026nbsp;application\u0027s response.\u003c/p\u003e"
            }
          ],
          "value": "Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The \u0027adults\u0027 parameter of the reservation.php resource\u00a0is copied into the HTML document as plain text\u00a0between tags. Any input is echoed unmodified in the\u00a0application\u0027s response."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-63",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-63 Cross-Site Scripting (XSS)"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-19T14:46:06.910Z",
        "orgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869",
        "shortName": "Fluid Attacks"
      },
      "references": [
        {
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://fluidattacks.com/advisories/lang/"
        },
        {
          "tags": [
            "product"
          ],
          "url": "https://www.kashipara.com/"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Hotel Management v1.0 - Multiple Reflected Cross-Site Scripting (XSS)",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "84fe0718-d6bb-4716-a7e8-81a6d1daa869",
    "assignerShortName": "Fluid Attacks",
    "cveId": "CVE-2023-49269",
    "datePublished": "2023-12-20T17:41:53.093Z",
    "dateReserved": "2023-11-24T16:25:53.192Z",
    "dateUpdated": "2025-05-19T14:46:06.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2023-101091

CVE-2023-49269 (GCVE-0-2023-49269)

Tags

Sightings

Nomenclature