Vulnerabilities > Phpjabbers > Appointment Scheduler > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-48838 Cross-site Scripting vulnerability in PHPjabbers Appointment Scheduler 3.0
Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code.
network
low complexity
phpjabbers CWE-79
5.4
5.4
2023-12-07 CVE-2023-48839 Cross-site Scripting vulnerability in PHPjabbers Appointment Scheduler 3.0
Appointment Scheduler 3.0 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the name, plugin_sms_api_key, plugin_sms_country_code, calendar_id, title, country name, or customer_name parameter.
network
low complexity
phpjabbers CWE-79
5.4
5.4
2023-10-10 CVE-2023-36126 Cross-site Scripting vulnerability in PHPjabbers Appointment Scheduler 3.0
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0
network
low complexity
phpjabbers CWE-79
6.1
6.1