CVE-2023-51325

Name of the Vulnerable Software and Affected Versions PHPJabbers Shared Asset Booking System version 1.0

Description The issue concerns Multiple Stored Cross-Site Scripting (XSS) in the title and name parameters. This allows for the storage and execution of malicious scripts, potentially leading to unauthorized access or data theft. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For PHPJabbers Shared Asset Booking System version 1.0, as a temporary workaround, consider validating and sanitizing user input for the title and name parameters to prevent malicious script execution. Restrict access to these parameters to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.