exploitDog

GHSA-qmxr-pxhp-w64j

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

Ссылки

EPSS

Процентиль: 48%

0.00254

Низкий

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2013-1421

ubuntu

почти 12 лет назад

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-1421

nvd

почти 12 лет назад

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar before 1.2.5, 1.2.6, and other versions before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via the Category Name field to category.php.

CVE-2013-1421

debian

почти 12 лет назад

Cross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar ...

EPSS

Процентиль: 48%

0.00254

Низкий

CVE ID

Дефекты

CWE-79