Denial of Service Vulnerability in PHPJabbers Shared Asset Booking System
CVE-2023-51323

6.5MEDIUM

Key Information:

Vendor: PHPJabbers
Status: Shared Asset Booking System
Vendor: CVE Published:; 20 February 2025

Summary

The Shared Asset Booking System by PHPJabbers has a vulnerability within its 'Forgot Password' feature that permits attackers to bypass rate limiting controls. This flaw can be exploited to send an excessive volume of emails for a single legitimate user. As a result, this could lead to service disruption through a Denial of Service (DoS) attack, where overwhelmed email systems may result in significant operational issues and hinder user access.

References

https://www.phpjabbers.com/shared-asset-booking-system/#s...

https://packetstorm.news/files/id/176503

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 20, 2025
Vulnerability Reserved
Dec 18, 2023