CVE-2023-51336

Name of the Vulnerable Software and Affected Versions PHPJabbers Meeting Room Booking System version 1.0

Description The issue is related to a CSV Injection vulnerability that allows an attacker to execute remote code. This vulnerability exists due to insufficient input validation on the Languages section Labels any parameters field in System Options, which is used to construct a CSV file.

Recommendations For PHPJabbers Meeting Room Booking System version 1.0, consider disabling the Languages section Labels any parameters field in System Options to minimize the risk of exploitation until a patch is available. Restrict access to the System Options module to prevent attackers from constructing malicious CSV files. Avoid using the parameters field in the affected section until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.