CVE-2021-42948

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2021-42948
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-42948.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2021-42948
Downstream
Published
2022-09-16T16:15:09.960Z
Modified
2026-03-14T11:15:39.458164Z
Severity
  • 3.7 (Low) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator
Summary
[none]
Details

HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.

References

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "3.0.3"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-42948.json"