3 matches found
CVE-2023-50860
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in TMS Booking for Appointments and Events Calendar – Amelia allows Stored XSS.This issue affects Booking for Appointments and Events Calendar – Amelia: from n/a through 1.0.85...
CVE-2023-50860
CVE-2023-50860 is a Stored XSS in the Booking for Appointments and Events Calendar – Amelia plugin for WordPress, affecting Amelia Booking versions up to 1.0.85. The vulnerability arises from improper neutralization of input during web page generation, allowing malicious input to be reflected and...
WordPress Amelia Plugin <= 1.0.85 is vulnerable to Cross Site Scripting (XSS)
Software Amelia Type Plugin Vulnerable versions = 1.0.85 Fixed in 1.0.86 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-50860 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 27837f5455f3 Credits Ngô Thiên An ancorn from VNPT-VCI Required...