CVE-2022-36254 Information

Description

Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as ullname.

Reference

https://gist.github.com/ziyishen97/c464b459df73c4cef241e7ec774b7cf6 https://github.com/tramyardg/hotel-mgmt-system