First published: Thu Aug 10 2023(Updated: )
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
PHPJabbers Callback Widget | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-36315 refers to a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0.
PHPJabbers Callback Widget v1.0 is affected by CVE-2023-36315.
The severity level of CVE-2023-36315 is medium with a CVSS score of 6.1.
To fix CVE-2023-36315, it is recommended to update PHPJabbers Callback Widget to a version that has the vulnerability patched.
You can find more information about CVE-2023-36315 at these references: [Reference 1](https://medium.com/@milfortutz/multiple-vulnerabilities-in-phpjabbers-part-1-6703becb4cd4), [Reference 2](https://www.phpjabbers.com/callback-widget).