Medium severity6.1NVD Advisory· Published Apr 14, 2026· Updated Apr 17, 2026
CVE-2025-65132
CVE-2025-65132
Description
alandsilva26 hotel-management-php 1.0 is vulnerable to Cross Site Scripting (XSS) in /public/admin/edit_room.php which allows an attacker to inject and execute arbitrary JavaScript via the room_id GET parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: = 1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.