Lucene search

K
cve[email protected]CVE-2023-48825
HistoryDec 07, 2023 - 7:15 a.m.

CVE-2023-48825

2023-12-0707:15:10
CWE-79
web.nvd.nist.gov
5
cve-2023-48825
availability booking calendar 5.0
html injection
sms api key
default country code
vulnerability
nvd

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.

Affected configurations

NVD
Node
phpjabbersavailability_booking_calendarMatch5.0

5.4 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

5.9 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

Related for CVE-2023-48825