PT-2023-27618 · Phpjabbers · Phpjabbers Ticket Support Script
Published
2023-08-28
·
Updated
2023-08-29
·
CVE-2023-40753
CVSS v3.1
5.4
Medium
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
PHPJabbers Ticket Support Script version 3.2
Description
There is a Cross Site Scripting (XSS) issue in the
message parameter of "index.php" in PHPJabbers Ticket Support Script. This allows for potential malicious script execution.Recommendations
For PHPJabbers Ticket Support Script version 3.2, consider disabling the
message parameter in "index.php" until a patch is available to prevent exploitation.Exploit
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Phpjabbers Ticket Support Script