0z09e/CVE-2022-22909

Releases0

Stars5

Hotel Druid 3.0.3 Code Injection to Remote Code Execution

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-22909 ↗	Mar 3, 2022Thursday, 3 March 2022, 00:15	8.8 HIGH	6.5 MEDIUM
HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.