CVE-2014-9905

2017-02-17T17:59:00
ID CVE-2014-9905
Type cve
Reporter cve@mitre.org
Modified 2019-11-07T21:57:00

Description

Multiple cross-site scripting (XSS) vulnerabilities in the Web Calendar in SOGo before 2.2.0 allow remote attackers to inject arbitrary web script or HTML via the (1) title of an appointment or (2) contact fields.