Reflected Cross-Site Scripting Vulnerability in PHPJabbers Restaurant Booking System
CVE-2023-51312

5.4MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Restaurant Booking System
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51312?

The PHPJabbers Restaurant Booking System version 3.0 is susceptible to a reflected cross-site scripting (XSS) vulnerability that occurs within the Reservations menu, specifically in the Schedule section date parameter. This flaw could allow attackers to inject malicious scripts into web pages, which may compromise user data and web application integrity. Proper validation and sanitization of input parameters are essential to prevent such vulnerabilities and ensure the security of web applications.

References

https://www.phpjabbers.com/restaurant-booking-system/#sec...

https://packetstorm.news/files/id/176493

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023