CVE-2023-51296 Information

Description

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Cross-Site Scripting (XSS) in the ame plugin_sms_api_key plugin_sms_country_code title plugin_sms_api_key\ parameters which allows attackers to execute arbitrary code

Reference

https://packetstorm.news/files/id/176485 https://www.phpjabbers.com/event-booking-calendar/#sectionDemo