Check for the latest Joomla! OS Services Booking version. If you are not on the latest release, read the release notes to see if you need to upgrade. If a release is being made in order to address security issues then it is strongly advised that you upgrade as soon as possible.

If you are running an earlier release of the current version (for example, you are running OS Services Booking 2.5.1 or lower), you should upgrade to the current version. This minor release fixes a SQL Injection issue on router function of OS Services Booking

root > components > com_osservicesbooking > router.php

Regards,

Dev tean