Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-42948

Sept. 16, 2022, 4:15 p.m. |

National Vulnerability Database nist.gov

HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.

cve

Chief Information Security Officer

@ Los Angeles Unified School District | Los Angeles

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Sr. Malware Researcher - Windows Software Engineer

@ SentinelOne | Brno, South Moravian, Czech Republic

Senior Cyber Security Incident Response Analyst

@ ServiceNow | Dublin, Ireland

Staff, Privacy Compliance Monitoring

@ Coupang | Seoul, South Korea

VULNERABILITY MANAGER

@ Security Bank | Makati, Makati, Philippines

Cyber Security Analyst

@ Avery Dennison | Bengaluru/Remote, India

Security Incident Response Manager (Remote, Americas)

@ Shopify | Dallas, TX, United States

Sr. Compliance Specialist (Screening)

@ Coupang | Seoul, South Korea