CVE-2023-51337

5.4 MEDIUM

📋 TL;DR

PHPJabbers Event Ticketing System v1.0 contains a reflected cross-site scripting vulnerability in the 'lid' parameter of the index page. This allows attackers to inject malicious scripts that execute in victims' browsers when they click specially crafted links. Organizations using this specific version of the event ticketing system are affected.

💻 Affected Systems

Products:
  • PHPJabbers Event Ticketing System
Versions: v1.0
Operating Systems: Any OS running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the web interface accessible via browser. Requires PHP environment.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could steal session cookies, redirect users to malicious sites, perform actions on behalf of authenticated users, or deliver malware payloads.

🟠 Likely Case

Session hijacking leading to unauthorized access to ticketing system functions, potential data theft, or defacement of the application interface.

🟢 If Mitigated

Limited impact with proper input validation and output encoding, though the vulnerability still exists in the codebase.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking malicious link). Public exploit details available in Packet Storm references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not found

Restart Required: No

Instructions:

  1. Check vendor website for updated version.
  2. If available, backup current installation.
  3. Replace vulnerable files with patched version.
  4. Test functionality.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

Add server-side validation to sanitize 'lid' parameter input.

Modify the PHP code to validate $_GET['lid'] with filter_var(), or encode it with htmlspecialchars() before it is written into the page.

Web Application Firewall Rule

Platform: all

Block malicious XSS payloads in 'lid' parameter.

Add a WAF rule to detect and block script tags and JavaScript in the 'lid' parameter.

🧯 If You Can't Patch

  • Implement Content Security Policy (CSP) headers to restrict script execution
  • Restrict access to the application using network controls or authentication

🔍 How to Verify

Check if Vulnerable:

Test by accessing index page with payload in lid parameter: /index.php?lid=<script>alert('XSS')</script>

Check Version:

Check PHPJabbers version in admin panel or readme files

Verify Fix Applied:

Test same payload; script should not execute and input should be properly encoded in output

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with script tags or JavaScript in 'lid' parameter
  • Unusual parameter values in access logs

Network Indicators:

  • HTTP GET requests containing malicious scripts in query parameters

SIEM Query:

source="web_logs" AND (uri_query="*lid=*script*" OR uri_query="*lid=*javascript:*")
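The wildcard query above matches on raw text, so it misses percent-encoded values and fires on unrelated parameters that merely contain "script". The following is an added example, not part of the original advisory or the vendor's code: it parses access-log lines, decodes only the 'lid' value, and flags markup in it. The combined log format, the function names, the 'note' parameter and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, unquote_plus

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
# Markup characters, script URLs and inline event handlers in a decoded value.
SUSPICIOUS_RE = re.compile(r"""[<>"']|javascript:|on\w+\s*=""", re.IGNORECASE)

# Constructed sample lines (documentation IP ranges), not taken from real logs.
SAMPLE_LINES = [
    '198.51.100.4 - - [10/Jan/2024:10:00:01 +0000] "GET /index.php?lid=1 HTTP/1.1" 200 5120',
    '203.0.113.7 - - [10/Jan/2024:10:00:05 +0000] "GET /index.php?lid=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 5310',
    '203.0.113.7 - - [10/Jan/2024:10:00:09 +0000] "GET /index.php?lid=%253Cscript%253E HTTP/1.1" 200 5300',
    '198.51.100.9 - - [10/Jan/2024:10:00:12 +0000] "GET /index.php?lid=2&note=description HTTP/1.1" 200 5120',
]


def normalize(value, max_rounds=3):
    """Percent-decode repeatedly so nested encodings are inspected in clear."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_lid_values(line):
    """Return the decoded 'lid' values in one log line that contain markup."""
    match = REQUEST_RE.search(line)
    if not match:
        return []
    query = match.group("target").partition("?")[2]
    values = parse_qs(query, keep_blank_values=True).get("lid", [])
    return [v for v in map(normalize, values) if SUSPICIOUS_RE.search(v)]


def scan(lines):
    """Return (line_number, hits) for every line with a suspicious 'lid'."""
    results = []
    for number, line in enumerate(lines, start=1):
        hits = suspicious_lid_values(line)
        if hits:
            results.append((number, hits))
    return results


if __name__ == "__main__":
    for number, hits in scan(SAMPLE_LINES):
        print(f"line {number}: suspicious lid value(s): {hits}")
```

The fourth sample line would match the wildcard pattern because "description" contains "script" after "lid=", but it is not flagged here since only the decoded 'lid' value is inspected.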
