Description
A vulnerability was detected in classroombookings up to 2.17.0. This impacts the function read of the file crbs-core/application/views/layout.php of the component User Display Name Handler. The manipulation of the argument displayname results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 2.17.1 will fix this issue. The patch is identified as 69c3c9bb8a17f1ea572d8f4502bf238f0214c98a. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Published: 2026-04-17
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Client‑side cross‑site scripting in the User Display Name handler
Action: Patch
AI Analysis

Impact

The vulnerability allows an attacker to supply a malicious displayname value that is reflected unsanitized into the layout template, resulting in client‑side cross‑site scripting (CWE‑79). The attack injects arbitrary JavaScript which, when executed in the victim’s browser, can steal credentials, deface the page, or perform other browser‑based actions. It is a stored or reflected XSS rather than a server‑side code execution flaw (CWE‑94 is listed but not a primary exploitation path).

Affected Systems

ClassRoomBookings, versions up to and including 2.17.0, including 2.17.0 and earlier releases. The issue is fixed in the 2.17.1 release; no other affected versions are reported.

Risk and Exploitability

The CVSS score is 5.1, indicating a moderate severity. The EPSS score is not available, and the vulnerability is not currently listed in CISA’s KEV catalog. The attack vector is remote, requiring only that an attacker be able to influence the displayname argument sent to the application. An attacker can craft a exploit that targets any user who loads the affected page, potentially compromising user sessions or the integrity of the viewed content.

Generated by OpenCVE AI on April 18, 2026 at 17:14 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ClassRoomBookings to version 2.17.1 or later, which includes the patch identified by commit 69c3c9bb8a17f1ea572d8f4502bf238f0214c98a.
  • Implement server‑side validation on the displayname field to allow only safe characters (e.g., alphanumerics and limited punctuation) to mitigate input‑based XSS (CWE‑79).
  • Deploy a strict Content Security Policy that disallows inline scripts and restricts script sources to trusted domains, reducing the impact of any remaining XSS payloads.

Generated by OpenCVE AI on April 18, 2026 at 17:14 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 18 Apr 2026 03:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 17 Apr 2026 12:45:00 +0000

Type Values Removed Values Added
Description A vulnerability was detected in classroombookings up to 2.17.0. This impacts the function read of the file crbs-core/application/views/layout.php of the component User Display Name Handler. The manipulation of the argument displayname results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 2.17.1 will fix this issue. The patch is identified as 69c3c9bb8a17f1ea572d8f4502bf238f0214c98a. It is suggested to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
Title classroombookings User Display Name layout.php read cross site scripting
First Time appeared Classroombookings
Classroombookings classroombookings
Weaknesses CWE-79
CWE-94
CPEs cpe:2.3:a:classroombookings:classroombookings:*:*:*:*:*:*:*:*
Vendors & Products Classroombookings
Classroombookings classroombookings
References
Metrics cvssV2_0

{'score': 4, 'vector': 'AV:N/AC:L/Au:S/C:N/I:P/A:N/E:POC/RL:OF/RC:C'}

cvssV3_0

{'score': 3.5, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}

cvssV3_1

{'score': 3.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C'}

cvssV4_0

{'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P'}

Subscriptions

Classroombookings Classroombookings
cve-icon MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-04-18T02:58:17.041Z

Reserved: 2026-04-17T06:58:13.000Z

Link: CVE-2026-6486

cve-icon Vulnrichment

Updated: 2026-04-18T02:58:05.502Z

cve-icon NVD

Status : Deferred

Published: 2026-04-17T13:16:14.117

Modified: 2026-04-29T01:00:01.613

Link: CVE-2026-6486

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T17:15:05Z

Weaknesses