2022-09-16 15:14:35
mitre
PUBLISHED
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session ids.