GHSA-gphf-mppm-mv89MediumCVSS 4.8

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')...

Published
July 22, 2025
Last Modified
June 5, 2026

🔗 CVE IDs covered (1)

CVE-2025-4294

📋 Description

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HotelRunner B2B allows Cross-Site Scripting (XSS).This issue affects B2B: before 04.06.2025.

🔗 References (4)