PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key, title" parameters.Referenceshttps://www.phpjabbers.com/event-booking-calendar/#sectionDemohttps://packetstorm.news/files/id/176485
