Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar prior to 1.2.5, 1.2.6, and other versions prior to 1.2.7 allows remote malicious users to inject arbitrary web script or HTML via the Category Name field to category.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
webcalendar project webcalendar 1.0 |
||
webcalendar project webcalendar 1.1.1 |
||
webcalendar project webcalendar 1.2.0 |
||
webcalendar project webcalendar 1.2.2 |
||
webcalendar project webcalendar 1.1.3 |
||
webcalendar project webcalendar 1.1.4 |
||
webcalendar project webcalendar 1.1.5 |
||
webcalendar project webcalendar 1.1.6 |
||
webcalendar project webcalendar 1.2 |
||
webcalendar project webcalendar 1.2.6 |
||
webcalendar project webcalendar |
||
webcalendar project webcalendar 1.1.2 |
||
webcalendar project webcalendar 1.2.1 |
||
webcalendar project webcalendar 1.2.3 |