First published: Thu Dec 07 2023(Updated: )
Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
PHPJabbers Appointment Scheduler | =3.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of Appointment Scheduler 3.0 is CVE-2023-48838.
The severity of CVE-2023-48838 is medium with a CVSS score of 5.4.
Appointment Scheduler 3.0 is affected by CVE-2023-48838.
An attacker can exploit CVE-2023-48838 by injecting malicious HTML via the SMS API Key or Default Country Code.
To mitigate the vulnerability in Appointment Scheduler 3.0, apply the latest security patch or update provided by the vendor.