HTML Injection Vulnerabilities in Appointment Scheduler 3.0 via SMS API Key and Default Country Code

HTML Injection Vulnerabilities in Appointment Scheduler 3.0 via SMS API Key and Default Country Code

CVE-2023-48838 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Appointment Scheduler 3.0 is vulnerable to Multiple HTML Injection issues via the SMS API Key or Default Country Code.

Learn more about our Api Penetration Testing.