Medium severity6.1NVD Advisory· Published Jan 20, 2023· Updated Jun 17, 2026
CVE-2023-23012
CVE-2023-23012
Description
Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows attackers to execute arbitrary code or other unspecified impacts via the input bgcol in file Weeks.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- craigrodway/classroombookingsdescription
- Range: <=2.6.4
Patches
Vulnerability mechanics
References
2- gist.github.com/enferas/bd8ec37999c216eceabd6b80d5a95f94nvdExploitThird Party Advisory
- github.com/craigrodway/classroombookings/issues/52nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.