Medium severity5.4NVD Advisory· Published Mar 11, 2025· Updated Jun 17, 2026
CVE-2025-25747
CVE-2025-25747
Description
Cross Site Scripting vulnerability in DigitalDruid HotelDruid v.3.0.7 allows an attacker to execute arbitrary code and obtain sensitive information via the ripristina_backup parameter in the crea_backup.php endpoint
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- DigitalDruid/HotelDruiddescription
- Range: =3.0.7
Patches
Vulnerability mechanics
References
2- www.huyvo.net/post/cve-2025-25747-reflected-xss-vulnerability-in-hoteldruid-3-0-7nvdExploitThird Party Advisory
- cwe.mitre.org/data/definitions/79.htmlnvdNot Applicable
News mentions
0No linked articles in our index yet.