First published: Thu Aug 10 2023(Updated: )
There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_timezone parameter of index.php in PHPJabbers Callback Widget v1.0.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
PHPJabbers Callback Widget | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2023-36312 is medium (5.4).
The affected software of CVE-2023-36312 is PHPJabbers Callback Widget v1.0.
The CWE ID of CVE-2023-36312 is CWE-79.
To fix CVE-2023-36312, it is recommended to update PHPJabbers Callback Widget to a patched version or apply any available security patches.
You can find more information about CVE-2023-36312 in the following references: [Medium Article](https://medium.com/@milfortutz/multiple-vulnerabilities-in-phpjabbers-part-1-6703becb4cd4), [PHPJabbers Callback Widget](https://www.phpjabbers.com/callback-widget/).