CVE-2023-5304: Online Banquet Booking System Service Booking book-services.php cross site scripting
First published: Sat Sep 30 2023(Updated: )
A vulnerability has been found in Online Banquet Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /book-services.php of the component Service Booking. The manipulation of the argument message leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-240943.
Credit: cna@vuldb.com cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Anujk305 Online Banquet Booking System | =1.0 | |
| =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-5304?
The severity of CVE-2023-5304 is medium with a CVSS score of 6.1.
What component is affected by CVE-2023-5304?
The component affected by CVE-2023-5304 is Service Booking.
What is the vulnerability type of CVE-2023-5304?
CVE-2023-5304 is a cross-site scripting (XSS) vulnerability.
How can the vulnerability in CVE-2023-5304 be exploited?
The vulnerability in CVE-2023-5304 can be exploited by manipulating the 'message' argument in the /book-services.php file.
Is there a fix available for CVE-2023-5304?
There is no information available about a fix for CVE-2023-5304.
- collector/nvd-index
- agent/references
- agent/author
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/severity
- agent/title
- agent/description
- agent/softwarecombine
- agent/event
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/tags
- agent/source
- vendor/anujk305
- canonical/anujk305 online banquet booking system
- version/anujk305 online banquet booking system/1.0