Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2018-03-17T13:00:00

Updated: 2024-08-05T07:02:26.032Z

Reserved: 2018-03-15T00:00:00

Link: CVE-2018-8737

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-17T13:29:00.237

Modified: 2024-11-21T04:14:14.410

Link: CVE-2018-8737

cve-icon Redhat

No data.