Stored Cross-Site Scripting Flaw in PHPJabbers Bus Reservation System
CVE-2023-51318

5.4MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Bus Reservation System
Vendor: CVE Published:; 20 February 2025

What is CVE-2023-51318?

The PHPJabbers Bus Reservation System v1.1 contains a vulnerability allowing multiple stored cross-site scripting (XSS) attacks via the 'title' and 'name' parameters. This weakness could be exploited to inject malicious scripts, compromising user data and potentially leading to unauthorized access or data theft. Users of this version should take immediate action to secure their applications against this vulnerability.

References

https://www.phpjabbers.com/bus-reservation-system/#sectio...

https://packetstorm.news/files/id/176499

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023

JSON