Vulnerability in Phpjabbers Event_booking_calendar
CVE-2023-51298
PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters f…
EPSS: 0.004 (28.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.7 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N.
Affected products
- Phpjabbers Event_booking_calendar — versions 4.0
- N/a — versions n/a
Weakness classification (CWE)
References
- cve@mitre.org (Product)
- cve@mitre.org (Exploit, VDB Entry, Third Party Advisory)
Frequently asked questions
- What is CVE-2023-51298?
- CVE-2023-51298 is a medium-severity vulnerability in Phpjabbers Event_booking_calendar, classified under Improper Neutralization of Formula Elements in a CSV File. CVSS score: 4.7/10. Published 2025-02-19.
- How severe is CVE-2023-51298?
- Medium severity. CVSS v3 base score is 4.7 out of 10.