Vulnerabilities > Phpjabbers > Availability Booking Calendar > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-07 | CVE-2023-48208 | Cross-site Scripting vulnerability in PHPjabbers Availability Booking Calendar 5.0 A Cross Site Scripting vulnerability in Availability Booking Calendar 5.0 allows an attacker to inject JavaScript via the name, plugin_sms_api_key, plugin_sms_country_code, uuid, title, or country name parameter to index.php. | 6.1 |
| 2023-12-07 | CVE-2023-48825 | Cross-site Scripting vulnerability in PHPjabbers Availability Booking Calendar 5.0 Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code. | 5.4 |
| 2023-08-03 | CVE-2023-4110 | Cross-site Scripting vulnerability in PHPjabbers Availability Booking Calendar 5.0 A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. | 6.1 |