.. / CVE-2023-4110

Exploit for PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting (CVE-2023-4110)

Description:

A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument session_id leads to cross site scripting. The attack can be launched remotely.

Nuclei Template

View the template here CVE-2023-4110.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-4110.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-4110
https://vuldb.com/?ctiid.235957
https://vuldb.com/?id.235957
http://packetstormsecurity.com/files/173926/PHPJabbers-Availability-Booking-Calendar-5.0-Cross-Site-Scripting.html