{"id":"CVE-2019-8937","details":"HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.","modified":"2026-03-14T14:42:00.716919Z","published":"2019-05-17T15:29:00.710Z","references":[{"type":"ADVISORY","url":"https://sourceforge.net/projects/hoteldruid/"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/151779/HotelDruid-2.3-Cross-Site-Scripting.html"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/46429/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"2.3.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-8937.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}