CVE-2023-51331

Name of the Vulnerable Software and Affected Versions PHPJabbers Cleaning Business Software version 1.0

Description The issue exists due to insufficient input validation on the Languages section Labels any parameters field in System Options that is used to construct a CSV file, allowing an attacker to execute remote code. This is a result of a CSV Injection vulnerability.

Recommendations For PHPJabbers Cleaning Business Software version 1.0, as a temporary workaround, consider disabling the construction of CSV files from user-inputted data in the System Options until a patch is available. Restrict access to the Languages section Labels any parameters field to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.