CVE-2023-36939

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 10, 2023

Updated: Dec 22, 2023

CWE ID 79

Summary

CVE-2023-36939 is a newly identified Cross-Site Scripting (XSS) vulnerability. This issue lies in the Hostel Management System v2.1, specifically in the search booking field. An attacker can exploit this flaw by injecting a malicious payload into the field, thereby executing arbitrary code on the affected user's browser. Successful exploitation could lead to session hijacking, data theft, or other malicious activities, making it essential for users to apply the necessary patches or upgrades promptly.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/rz8x4c
https://www.cve.org/CVERecord?id=CVE-2023-36939
https://nvd.nist.gov/vuln/detail/CVE-2023-36939

Back to Vulnerability Database

CVE-2023-36939

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations