CVE-2023-4116

PHP Jabbers Taxi Booking index.php cross site scripting

CVSS 4.3 MEDIUMEPSS 5.2%CWE-79

A vulnerability classified as problematic was found in PHP Jabbers Taxi Booking 2.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235963. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected products

PHP Jabbers · Taxi Booking

public PoCs found — 2

cve_referencepacketstormsecurity.com/files/173937/PHPJabbers-Taxi-Booking-2.0-Cross-Site-Scripting.htmlunverified exploitdbwww.exploit-db.com/exploits/51652unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/173937/PHPJabbers-Taxi-Booking-2.0-Cross-Site-Scripting.html https://vuldb.com/?ctiid.235963 https://vuldb.com/?id.235963