Vulnerability Details CVE-2011-5045
Cross-site scripting (XSS) vulnerability in details_view.php in PHP Booking Calendar 10e allows remote attackers to inject arbitrary web script or HTML via the page_info_message parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.1%
CVSS Severity
CVSS v2 Score 4.3
References
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0124.html
- http://sourceforge.net/tracker/?func=detail&aid=3469106&group_id=132702&atid=724998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71883
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0124.html
- http://sourceforge.net/tracker/?func=detail&aid=3469106&group_id=132702&atid=724998
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71883
Products affected by CVE-2011-5045
-
cpe:2.3:a:jjwdesign:php_booking_calendar:10e