B2B
by HotelRunner
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-4296 | Med | 0.31 | 4.7 | 0.00 | Jul 23, 2025 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HotelRunner B2B allows Forceful Browsing.This issue affects B2B: before 04.06.2025. | ||
| CVE-2025-4294 | Med | 0.31 | 4.8 | 0.00 | Jul 22, 2025 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HotelRunner B2B allows Cross-Site Scripting (XSS).This issue affects B2B: before 04.06.2025. | ||
| CVE-2025-4295 | Med | 0.30 | 4.6 | 0.00 | Jul 22, 2025 | Improper Validation of Certificate with Host Mismatch vulnerability in HotelRunner B2B allows HTTP Response Splitting.This issue affects B2B: before 04.06.2025. |
- risk 0.31cvss 4.7epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in HotelRunner B2B allows Forceful Browsing.This issue affects B2B: before 04.06.2025.
- risk 0.31cvss 4.8epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HotelRunner B2B allows Cross-Site Scripting (XSS).This issue affects B2B: before 04.06.2025.
- risk 0.30cvss 4.6epss 0.00
Improper Validation of Certificate with Host Mismatch vulnerability in HotelRunner B2B allows HTTP Response Splitting.This issue affects B2B: before 04.06.2025.