CVE-2023-23012 Information

Jan 21, 2023 cve

Description

Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php.

Reference

https://gist.github.com/enferas/bd8ec37999c216eceabd6b80d5a95f94 https://github.com/craigrodway/classroombookings/issues/52

Share on: