RSS   Vulnerabilities for 'Car rental management system'   RSS

2021-08-16
 
CVE-2021-24519

CWE-79
 

 
The VikRentCar Car Rental Management System WordPress plugin before 1.1.10 does not sanitise the 'Text Next to Icon' field when adding or editing a Characteristic, allowing high privilege users such as admin to use XSS payload in it, leading to an authenticated Stored Cross-Site Scripting issue

 

 >>> Vendor: Vikwp 2 Products
Car rental management system
Hotel booking engine \& pms


Copyright 2024, cxsecurity.com

 

Back to Top