CVE-2023-51300

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Feb 19, 2025

Updated: Feb 20, 2025

CWE ID 79

Summary

CVE-2023-51300: The PHPJabbers Hotel Booking System version 4.0 contains Cross-Site Scripting (XSS) vulnerabilities. These weaknesses can be exploited by attackers to inject malicious scripts into the application when users interact with the "name," "plugin_sms_api_key," "plugin_sms_country_code," "title," or "plugin_sms_api_key" parameters. Successful attacks may lead to the theft of user data or the execution of unauthorized commands in the user's browser. It is recommended that users upgrade to the latest version of the system to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

PHPJabbers

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t1zyQb
https://www.cve.org/CVERecord?id=CVE-2023-51300
https://nvd.nist.gov/vuln/detail/CVE-2023-51300

Back to Vulnerability Database

CVE-2023-51300

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations