Cross-site scripting (XSS) vulnerability in phpgwapi/js/jscalendar/test.php in EGroupware Enterprise Line (EPL) prior to 11.1.20110804-1 and EGroupware Community Edition prior to 1.8.001.20110805 allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
egroupware egroupware |
||
egroupware egroupware enterprise line |