Product: Hotel Management System
Vendor: https://github.com/tramyardg
Affected Version(s): 1.0
CVE ID: CVE-2022-36254
Description: Multiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as "fullname".