Stored Cross-Site Scripting Vulnerability in PHPJabbers Restaurant Booking System
CVE-2023-51315

5.4MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Restaurant Booking System
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51315?

PHPJabbers Restaurant Booking System version 3.0 is susceptible to multiple stored Cross-Site Scripting (XSS) vulnerabilities. Attackers can exploit this weakness via parameters such as seat_name, plugin_sms_api_key, plugin_sms_country_code, title, and name, which can lead to the execution of malicious scripts in the user's browser, compromising sensitive user data and impacting overall web security. Effective measures should be taken to remediate this issue and enhance the security posture of applications.

References

https://www.phpjabbers.com/restaurant-booking-system/#sec...

https://packetstorm.news/files/id/176493

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023