CNNVD-202507-2879 Information

CNNVD ID

CNNVD-202507-2879

Related CVE

CVE-2025-4294

• CNNVD Published: 2025-07-22

Description (Chinese)

HotelRunner B2B是土耳其HotelRunner公司的一个为酒店行业提供业务管理与合作的软件工具。 HotelRunner B2B 04.06.2025之前版本存在跨站脚本漏洞，该漏洞源于网页生成期间输入中和不当，可能导致跨站脚本。

Description (English)

HotelRunner B2B is a software tool for business management and cooperation with the hotel industry at HotelRunner, Turkey. HotelRunner B2B-04.06.2025 had a cross-site script loophole, which stemmed from inappropriate input during webpage generation and could lead to cross-site scripts.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

HotelRunner

Published

2025-07-22

Last Modified

2026-02-24

References

https://www.usom.gov.tr/bildirim/tr-25-0169 https://nvd.nist.gov/vuln/detail/CVE-2025-4294 https://access.redhat.com/security/cve/cve-2025-4294

Patch

https://hotelrunner.com/en/