PHPJabbers Event Booking Calendar v4.0 is vulnerable to Cross-Site Scripting (XSS) in the "name, plugin_sms_api_key, plugin_sms_country_code, title, plugin_sms_api_key" parameters which allows attackers to execute arbitrary codeReferenceshttps://www.phpjabbers.com/event-booking-calendar/#sectionDemohttps://packetstorm.news/files/id/176485
