Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-48208

Disclosure Date: December 07, 2023 (last updated December 09, 2023)
A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0