Cross Site Scripting (XSS) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 via the (1) "About Yourself�?� section under the �??My Profile�?� page, " (2) �??Hotel Policy�?� field under the �??Hotel Details�?� page, (3) �??Pricing code�?� and �??name�?� fields under the �??Manage Tour�?� page, and (4) all the labels under the �??Menu�?� section.