Phpjabbers - Appointment Scheduler CVE

Filtered by vendor Phpjabbers Subscribe

Filtered by product Appointment Scheduler

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-48841	1 Phpjabbers	1 Appointment Scheduler	2023-12-09	N/A	8.8 HIGH
Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.
CVE-2023-48840	1 Phpjabbers	1 Appointment Scheduler	2023-12-09	N/A	7.5 HIGH
A lack of rate limiting in pjActionAjaxSend in Appointment Scheduler 3.0 allows attackers to cause resource exhaustion.

Vulnerabilities (CVE)