CVE-2013-1470

2014-02-05T10:10:04
ID CVE-2013-1470
Type cve
Reporter NVD
Modified 2017-08-28T21:33:09

Description

Cross-site scripting (XSS) vulnerability in calendar/index.php in the Calendar plugin in Geeklog before 1.8.2sr1 and 2.0.0 before 2.0.0rc2 allows remote attackers to inject arbitrary web script or HTML via the calendar_type parameter to submit.php.