CVE-2023-51303

Name of the Vulnerable Software and Affected Versions PHPJabbers Event Ticketing System version 1.0

Description The PHPJabbers Event Ticketing System is vulnerable to multiple HTML injections in the parameters lid, name, plugin sms api key, plugin sms country code, and title. This issue allows for the injection of malicious HTML code, potentially leading to security breaches. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For PHPJabbers Event Ticketing System version 1.0, consider disabling or restricting the use of the vulnerable parameters lid, name, plugin sms api key, plugin sms country code, and title until a patch is available. Avoid using these parameters in API endpoints to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.