WebCalendar v1.3.0 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php.
webcalendar project webcalendar 1.3.0