CVE-2023-48826

Name of the Vulnerable Software and Affected Versions Time Slots Booking Calendar version 4.0

Description The issue concerns a CSV Injection vulnerability via the unique ID field of the Reservations List. This allows for potential exploitation. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For Time Slots Booking Calendar version 4.0, as a temporary workaround, consider restricting access to the Reservations List or validating and sanitizing the unique ID field to minimize the risk of CSV Injection exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.