A vulnerability, which was classified as problematic, was found in Availability Booking Calendar 5.0. This affects an unknown part of the file index.php. The manipulation of the argument name/plugin_sms_api_key/plugin_sms_country_code/uuid/title/country name leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2023-48208. It is possible to initiate the attack remotely. There is no exploit available.