exploitDog

GHSA-6q3q-3c99-2m5v

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, different vectors than CVE-2012-0846.

Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, different vectors than CVE-2012-0846.

Ссылки

EPSS

Процентиль: 45%

0.00225

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2012-5384

nvd

больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen WebCalendar allow remote attackers to inject arbitrary web script or HTML via the (1) $name or (2) $description variables in edit_entry_handler.php, or (3) $url, (4) $tempfullname, or (5) $ext_users[] variables in view_entry.php, different vectors than CVE-2012-0846.

CVE-2012-5384

debian

больше 13 лет назад

Multiple cross-site scripting (XSS) vulnerabilities in Craig Knudsen W ...

EPSS

Процентиль: 45%

0.00225

Низкий

CVE ID

Дефекты

CWE-79