CVE-2023-51305

Summary

CVE-2023-51305 is a stored Cross-Site Scripting (XSS) vulnerability affecting PHPJabbers Car Park Booking System version 3.0. Attackers can exploit this issue by injecting malicious scripts into the input fields labeled "name," "plugin_sms_api_key," "plugin_sms_country_code," "title," and "plugin_sms_api_key." Successful exploitation could lead to unintended execution of malicious code in users' browsers, potentially resulting in data theft or unauthorized system access. This vulnerability poses a significant risk and demands immediate action, including patching the affected system and sanitizing user-supplied data.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.