HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, origine, and anno parameters in creaprezzi.php, tabella3.php, personalizza.php, and visualizza_tabelle.php.Referenceshttp://packetstormsecurity.com/files/151779/HotelDruid-2.3-Cross-Site-Scripting.htmlhttps://www.exploit-db.com/exploits/46429/https://sourceforge.net/projects/hoteldruid/
