CVE-2026-13554

A vulnerability has been found in itsourcecode Online Hotel Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/mod_amenities/controller.php?action=add of the component POST Request Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Configurations

No configuration.

History

29 Jun 2026, 10:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-29 10:16

Updated : 2026-06-30 19:16


NVD link : CVE-2026-13554

Mitre link : CVE-2026-13554

CVE.ORG link : CVE-2026-13554


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-94

Improper Control of Generation of Code ('Code Injection')