CVE-2023-3969

Name of the Vulnerable Software and Affected Versions GZ Scripts Availability Booking Calendar PHP version 1.0

Description A problematic issue has been found in the HTTP POST Request Handler component of the file index.php, where the manipulation of the promo code argument leads to cross site scripting. This issue can be exploited remotely. The exploit has been disclosed to the public.

Recommendations For GZ Scripts Availability Booking Calendar PHP version 1.0, as a temporary workaround, consider restricting the use of the promo code argument in the HTTP POST Request Handler until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.