CVE-2023-51315

Name of the Vulnerable Software and Affected Versions PHPJabbers Restaurant Booking System version 3.0

Description The issue concerns multiple Stored Cross-Site Scripting (XSS) vulnerabilities in the parameters seat name, plugin sms api key, plugin sms country code, title, and name. This allows for the potential execution of malicious scripts stored on the server.

Recommendations For PHPJabbers Restaurant Booking System version 3.0, consider disabling the parameters seat name, plugin sms api key, plugin sms country code, title, and name until a patch is available to prevent exploitation. Restrict access to these parameters to minimize the risk of Stored XSS attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.