PT-2023-30975 · Unknown · Availability Booking Calendar

Published: 2023-12-06 · Updated: 2024-10-09 · CVE-2023-48831

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Availability Booking Calendar version 5.0

Description: A lack of rate limiting in pjActionAJaxSend allows attackers to cause resource exhaustion.

Recommendations: For Availability Booking Calendar version 5.0, consider implementing rate limiting in the pjActionAJaxSend function to prevent resource exhaustion. As a temporary workaround, restrict access to the pjActionAJaxSend function until a patch is available.

Exploit

Fix

Resource Exhaustion

Allocation of Resources Without Limits

Weakness Enumeration

Related Identifiers

CVE-2023-48831

Affected Products

Availability Booking Calendar