CVE-2023-48208 Information

Description

A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name plugin_sms_api_key plugin_sms_country_code uuid title or country name parameter to index.php.

Reference

http://packetstormsecurity.com/files/175805