> [Suggested description]
> PHPJabbers Night Club Booking Software has stored XSS in the name parameter in the reservations
> tab.
>
> ------------------------------------------
>
> [Vulnerability Type]
> Cross Site Scripting (XSS)
>
> ------------------------------------------
>
> [Vendor of Product]
> PHPJabbers
>
> ------------------------------------------
>
> [Affected Product Code Base]
> Night Club Booking Software - 1.0
>
> ------------------------------------------
>
> [Affected Component]
> Adding a reservation allows for the creation of a stored XSS
>
> ------------------------------------------
>
> [Attack Type]
> Remote
>
> ------------------------------------------
>
> [Impact]
> [+] CVE_Request.Impact_Code_execution
> [-] CVE_Request.Impact_Denial_of_Service
> [-] CVE_Request.Impact_Escalation_of_Privileges
> [-] CVE_Request.Impact_Information_Disclosure
>
> ------------------------------------------
>
> [Attack Vectors]
> add xss payload to the name parameter
>
> ------------------------------------------
>
> [Discoverer]
> Raphael Karger