CVE-2022-22909

Published March 3rd, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.

0z09e/CVE-2022-22909

Hotel Druid 3.0.3 Code Injection to Remote Code Execution

GitHub